Simple Exchange server certificate management

David M Williams
Wednesday, 10 February 2010 23:20

Business IT - Networking

To give your Microsoft Exchange users the most flexible access options you really need an independent verified SSL certificate. Here’s how to do it fast and efficiently with a minimum of fuss and confusion.

Microsoft’s Exchange Server 2010 is now available and offers interesting new features like threaded e-mail, cloud storage options and more.

The Exchange development team do not offer any in-place upgrade from Exchange Server 2007 or previous versions. The option was dropped for Exchange2007 because, for the first time, it was available only as a 64-bit release. Microsoft thus opted to force a clean installation.

It seems that while this may have caused mild stress or inconvenience to Windows server admins the Exchange developers themselves felt it relieved such a burden by not having to ensure the many possible upgrade routes would work. As such they’ve brought this into Exchange 2010 too.

As such, there will be young admins out there installing Exchange server for the first time and will be confronted by the perennial problem of certifying authorities.

Exchange is no different from web servers, commerce servers and other products which perform sensitive online communications and transactions. It’s essential that security and privacy is maintained, and that users can trust the server they’re dealing with is trustworthy.

Here is where secure socket layer (SSL) certificates come in to play. Here is why and how to get one.

To use Exchange’s “Outlook Anywhere” (formerly known as RPC over HTTP) and secure OWA (Outlook Web App, formerly known as Outlook Web Access) you really need a third-party certificate from a trusted certifying authority.