Exchange Server 2010 supports three types of certificates to secure the HTTP connections. These are as below:-
1. Windows Certificate Authority
– We can install our own Certificate Authority from Control Panel >
Add/Remove programs which is in-built Windows services. Installing CA on
a Domain Controller may give some restrictive platform. We can also
configure Windows 2008 CA to issue Unified Communications certificates.
2. Self Signed Certificates – As the name implies, these certificates are automatically generated during Exchange Server 2010 Client Access Server installation. There are few limitations associated with these certificates. First, Outlook Anywhere doesn’t support these certificates. Second, since workstation browsers and Windows Mobile devices doesn’t trust Self Signed certificates, we have to copy this certificate to the certificate store manually. OWA and Exchange ActiveSync are compatible with these certificates.
3. 3rd Party Certificates
– These certificates are issues by the third party trusted vendors.
These certificates are recommended and used by most of the organizations
running Exchange. Here is the list of 3rd party vendors listed on the Microsoft KB#929395.
|
Certification authority
|
Web site
|
|
Entrust
|
http://www.entrust.net/microsoft/ (http://www.entrust.net/microsoft/)
|
|
Comodo
|
http://www.comodo.com/msexchange (http://www.comodo.com/msexchange)
|
|
DigiCert
|
http://www.digicert.com/unified-communications-ssl-tls.htm (http://www.digicert.com/unified-communications-ssl-tls.htm)
|
|
GlobalSign
|
http://www.globalsign.com/ssl/buy-ssl-certificates/unified-communications-ssl/ (http://www.globalsign.com/ssl/buy-ssl-certificates/unified-communications-ssl/)
|
No comments:
Post a Comment