1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Exchange/OWA 2003 Help (certificates and external access)

Discussion in 'Windows Server' started by neil21stirling, Jul 23, 2012.

Thread Status:
Not open for further replies.
  1. neil21stirling

    neil21stirling Thread Starter

    Sep 12, 2007
    Hi guys,

    forgive the long explanation but here's my problem,
    Inherited an issue at my work with our Small business server, running exchange 2003 for the entire organisation.
    My issue is that previously there was a self signed certificate in use for OWA etc,
    however some changes were recently made in the way of a server upgrade and change of broadband providers, which also called the the removal of ISA.

    The domain for the server in question is using ".local" instead of a FQDN (which had been setup long before i started working for them)
    Access to OWA is fine both internal and external i.e. internal using //domain/exchange
    external using https://81.1x1.2x4.2x6/exchange

    which is fine as everyone can gain access, however there are alot of problems surrounding the certificate, which is out of date and obviously self signed anyway.
    I do have access to gain fully trusted certificates for the site, however at the moment obviously our CSR file doesn't seem to have any of the below except the common name which is http://192.168.xxx.1/exchange
    countryName =
    stateOrProvinceName =
    localityName =
    organizationName =
    organizationalUnitName =
    commonName = (only occupied field of information)

    What i really need help with here is a decent explanation of how to possibly keep the ".local" domain name on the current server, allow for a external domain such as owa.domain.org.uk to be used for external access and have the CSR file recognise this information in order to use a trusted certificate.

    All ideas welcome.
  2. peterh40


    Apr 15, 2007
    You need to create a multi-name certificate with Alt-subject names listed, you have as many as you like including the .local names.
    The certificate wizard with IIS 6 can create certificates but can be problematic for more complex CSRs, I use a free tool called OpenSSL or you can use the Keytool.exe that comes with Java JRE, to create your certificates. See
  3. neil21stirling

    neil21stirling Thread Starter

    Sep 12, 2007
    thanks for the info,
    will look over the link you have given and get back to you with any results of what i try.
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1062247