| x404.co.uk http://www.x404.co.uk/forum/ |
|
| The right certificate... http://www.x404.co.uk/forum/viewtopic.php?f=4&t=11768 |
Page 1 of 1 |
| Author: | big_D [ Sat Dec 11, 2010 2:38 pm ] |
| Post subject: | The right certificate... |
I am trying to get a working self-signed certificate working on our Exchange server. The server is in a local network (sb2003.company.local), but has port forwarding on the firewall pointing to it for the mail server (mail.company.de). The current self-signed certificate is for sb2003.company.local, which is clearly wrong for devices trying to get an SSL connection to the mail server. Some devices/browsers say that the certificate is invalid, but let you continue, even though the SSL cert is for a totally different domain. Other devices refuse to accept a connection, because the domain is mail.company.de and the cert if for sb2003.company.local... I tried creating a mail.company.de self-signed certificate on the server, but the OWA/EAS web services refused to start, because the certificate was invalid... Long term, we will probably need to get a properly signed certificate from Versisign or similar, as we will need to start producing some signed macros etc. as well. But how the heck to I get around the problem in the short term, using a self-signed cert. |
|
| Author: | tombolt [ Sat Dec 11, 2010 3:48 pm ] |
| Post subject: | The right certificate... |
Probably no help at all, but I just tell everyone to tell their computer to trust it and add an exception. There's only five of us though! |
|
| Author: | big_D [ Sun Dec 12, 2010 8:22 am ] | |||||||||
| Post subject: | Re: The right certificate... | |||||||||
That's the problem, the devices won't accept the certificates. They say they are not only not officially signed, which you can get around and accept the certificate, but that the certificate belongs to the wrong domain. They won't let you override that... |
||||||||||
| Author: | tombolt [ Sun Dec 12, 2010 10:43 am ] | ||||||||||||||||||
| Post subject: | The right certificate... | ||||||||||||||||||
Apologies, misunderstood, it's clearer now! |
|||||||||||||||||||
| Author: | rustybucket [ Sun Dec 12, 2010 11:38 am ] |
| Post subject: | Re: The right certificate... |
I know I'm being dumb but... ... would you not be better moving the server to something like sb2003.local.company.de? I can feel the failhammer coming... |
|
| Author: | tombolt [ Sun Dec 12, 2010 4:11 pm ] |
| Post subject: | The right certificate... |
I have feeling that in kerio you can have more than one certificate and I would have thought exchange would be similar. Can't check at the moment though. |
|
| Author: | saspro [ Mon Dec 13, 2010 12:16 pm ] |
| Post subject: | Re: The right certificate... |
Run the SBS internet connection wizard & create the new self cert in there (use the external name) Save out your new cert to a file. Setup your personal homail account on your win7 phone Email the cert to your hotmail address Install on the phone from the email you sent to yourself Reboot the phone Have a cup of tea and wonder why it had to be this much of a ballache |
|
| Author: | big_D [ Tue Dec 14, 2010 5:16 am ] |
| Post subject: | Re: The right certificate... |
Thanks, I'll see I'll give it a go today, if I get a chance. |
|
| Page 1 of 1 | All times are UTC |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|
