Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Windows Server Windows Server
Search Search
Search for:
Tech Support Guy > > >

Solved: Exchange/OWA 2003 Help (certificates and external access)


(!)

neil21stirling's Avatar
neil21stirling neil21stirling is offline
Member with 606 posts.
THREAD STARTER
 
Join Date: Sep 2007
Location: Fife, Scotland
Experience: Advanced
23-Jul-2012, 04:48 AM #1
Solved: Exchange/OWA 2003 Help (certificates and external access)
Hi guys,

forgive the long explanation but here's my problem,
Inherited an issue at my work with our Small business server, running exchange 2003 for the entire organisation.
My issue is that previously there was a self signed certificate in use for OWA etc,
however some changes were recently made in the way of a server upgrade and change of broadband providers, which also called the the removal of ISA.

The domain for the server in question is using ".local" instead of a FQDN (which had been setup long before i started working for them)
Access to OWA is fine both internal and external i.e. internal using //domain/exchange
external using https://81.1x1.2x4.2x6/exchange

which is fine as everyone can gain access, however there are alot of problems surrounding the certificate, which is out of date and obviously self signed anyway.
I do have access to gain fully trusted certificates for the site, however at the moment obviously our CSR file doesn't seem to have any of the below except the common name which is http://192.168.xxx.1/exchange
countryName =
stateOrProvinceName =
localityName =
organizationName =
organizationalUnitName =
commonName = (only occupied field of information)


What i really need help with here is a decent explanation of how to possibly keep the ".local" domain name on the current server, allow for a external domain such as owa.domain.org.uk to be used for external access and have the CSR file recognise this information in order to use a trusted certificate.

All ideas welcome.
thanks
peterh40's Avatar
Computer Specs
Member with 1,259 posts.
 
Join Date: Apr 2007
Location: England
Experience: Advanced
24-Jul-2012, 02:03 PM #2
You need to create a multi-name certificate with Alt-subject names listed, you have as many as you like including the .local names.
The certificate wizard with IIS 6 can create certificates but can be problematic for more complex CSRs, I use a free tool called OpenSSL or you can use the Keytool.exe that comes with Java JRE, to create your certificates. See
http://therowes.net/~greg/2008/01/08...ple-hostnames/
neil21stirling's Avatar
neil21stirling neil21stirling is offline
Member with 606 posts.
THREAD STARTER
 
Join Date: Sep 2007
Location: Fife, Scotland
Experience: Advanced
27-Jul-2012, 03:20 AM #3
thanks for the info,
will look over the link you have given and get back to you with any results of what i try.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑

Content Relevant URLs by vBSEO 3.3.2