Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Exchange
2000.active.directory
2000.admin
2000.announcements
2000.app.conversion
2000.applications
2000.clients
2000.clustering
2000.connectivity
2000.development
2000.documentation
2000.general
2000.information.store
2000.interop
2000.kms
2000.misc
2000.protocols
2000.realtime.collabo.
2000.setup
2000.transport
2000.win2000
admin
application.conversion
applications
clients
clustering
connectivity
design
development
misc
mobility
setup
tools
  
 
date: Fri, 16 May 2008 15:35:41 -0700,    group: microsoft.public.exchange.setup        back       


What type of Certificate is needed for CAS 2007 server    
We are going to be replacing our OWA 2003 server with a CAS 2007 server in 
preparation for an Exchange 2007 migration. Today, the OWA server handles 
Outlook Mobile Access, Outlook Web Access, and RPC/HTTPS redirects for our 
clients. In the new environment, the CAS server will handle the same 
requests. We are not deploying any unified messaging at this point.

What type of certificate is required on the CAS server? I am being told a UC 
certificate is required, however I am reading that a simple SSL certificate 
will perform all of the functions.

Please help!

Steve
date: Fri, 16 May 2008 15:35:41 -0700   author:   Steven Reese ail

Re: What type of Certificate is needed for CAS 2007 server    
On Fri, 16 May 2008 15:35:41 -0700, "Steven Reese"
<lysdexia@noemail.noemail> wrote:

>We are going to be replacing our OWA 2003 server with a CAS 2007 server in 
>preparation for an Exchange 2007 migration. Today, the OWA server handles 
>Outlook Mobile Access, Outlook Web Access, and RPC/HTTPS redirects for our 
>clients. In the new environment, the CAS server will handle the same 
>requests. We are not deploying any unified messaging at this point.
>
>What type of certificate is required on the CAS server? I am being told a UC 
>certificate is required, however I am reading that a simple SSL certificate 
>will perform all of the functions.
>
>Please help!
>
>Steve 


If you want to support autodiscovery for external Outlook ANywhere
clients, for ease of use and management a UCC cert makes sense.

owa.yourdomain.com
autodiscover.yoursmtpdomain.com
date: Fri, 16 May 2008 20:07:14 -0400   author:   Andy David {MVP}

RE: What type of Certificate is needed for CAS 2007 server    
Hello Steven,

Thank you for your post. My name is Robbin Meng, and it is my pleasure to 
work with you on this issue! 

Please allow me to confirm that my understandings are correct. As I 
understand it, the issue is:

You would like to add a new Exchange server 2007 as the CAS server role to 
replace the previous Exchange 2003 server which ever handles Outlook Mobile 
Access, Outlook Web Access, and RPC/HTTPS redirects for clients.

If I have misunderstood your concerns please feel free to let me know.

What do mean by "UC certificate is required"? As far as I know, there isn't 
any special certificate needed for you. 

Actually, if you would like to use Autodiscovery, you may transfer Exchange 
Server 2003 Certificate to Exchange Server 2007 Autodiscover Server

In this scenario you have a certificate you are already using on an 
Exchange Server 2003 server and want to implement it on your new Client 
Access Server. This scenario would only be applicable in an environment 
where your presence on the Internet might be a single namespace such as 
domain.com and the certificate you have is issued to domain.com. This would 
require https://domain.com/Autodiscover/Autodiscover.xml to be accessible 
from the Internet.

1.	On the server where Microsoft Exchange Server 2003 is installed use 
Certificate Manager to export the certificate as a .pfx file from the 
server.
2.	Copy the .pfx file to the new Microsoft Exchange Server 2007 Client 
Access Server.
3.	Import the pfx certificate file using the Import-ExchangeCertificate 
cmdlet as in previous scenario examples.
4.	To enable the certificate for use on the server use the 
Enable-ExchangeCertificate cmdlet as in previous scenario examples. 

Hope this helps. Also, if you have any questions or concerns, please do not 
hesitate to let me know. 

Thank you for your time and cooperation!


Best regards,

Robbin Meng(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues 
regarding other Microsoft products, you'd better post in the corresponding 
newsgroups so that they can be resolved in an efficient and timely manner. 
You can locate the newsgroup here: 
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the 
"Notify me of replies" box to receive e-mail notifications when there are 
any updates in your thread. When responding to posts via your newsreader, 
please "Reply to Group" so that others may learn and benefit from your 
issue.

Microsoft engineers can only focus on one issue per thread. Although we 
provide other information for your reference, we recommend you post 
different incidents in different threads to keep the thread clean. In doing 
so, it will ensure your issues are resolved in a timely manner. 

For urgent issues, you may want to contact Microsoft CSS directly. Please 
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
date: Mon, 19 May 2008 11:33:40 GMT   author:   (Robbin Meng [MSFT])

Re: What type of Certificate is needed for CAS 2007 server    
On Mon, 19 May 2008 11:33:40 GMT, v-robmen@online.microsoft.com
("Robbin Meng [MSFT]") wrote:

>Hello Steven,
>
>Thank you for your post. My name is Robbin Meng, and it is my pleasure to 
>work with you on this issue! 
>
>Please allow me to confirm that my understandings are correct. As I 
>understand it, the issue is:
>
>You would like to add a new Exchange server 2007 as the CAS server role to 
>replace the previous Exchange 2003 server which ever handles Outlook Mobile 
>Access, Outlook Web Access, and RPC/HTTPS redirects for clients.
>
>If I have misunderstood your concerns please feel free to let me know.
>
>What do mean by "UC certificate is required"? As far as I know, there isn't 
>any special certificate needed for you. 

He means a UCC certificate. One that uses a Subject Alternative Name.

>
>Actually, if you would like to use Autodiscovery, you may transfer Exchange 
>Server 2003 Certificate to Exchange Server 2007 Autodiscover Server
>
>In this scenario you have a certificate you are already using on an 
>Exchange Server 2003 server and want to implement it on your new Client 
>Access Server. This scenario would only be applicable in an environment 
>where your presence on the Internet might be a single namespace such as 
>domain.com and the certificate you have is issued to domain.com. This would 
>require https://domain.com/Autodiscover/Autodiscover.xml to be accessible 
>from the Internet.
>
>1.	On the server where Microsoft Exchange Server 2003 is installed use 
>Certificate Manager to export the certificate as a .pfx file from the 
>server.
>2.	Copy the .pfx file to the new Microsoft Exchange Server 2007 Client 
>Access Server.
>3.	Import the pfx certificate file using the Import-ExchangeCertificate 
>cmdlet as in previous scenario examples.
>4.	To enable the certificate for use on the server use the 
>Enable-ExchangeCertificate cmdlet as in previous scenario examples. 
>
>Hope this helps. Also, if you have any questions or concerns, please do not 
>hesitate to let me know. 
>
>Thank you for your time and cooperation!
>
>
>Best regards,
>
>Robbin Meng(MSFT)
>
>Microsoft CSS Online Newsgroup Support
>
>Get Secure! - www.microsoft.com/security
>
>=====================================================
>This newsgroup only focuses on SBS technical issues. If you have issues 
>regarding other Microsoft products, you'd better post in the corresponding 
>newsgroups so that they can be resolved in an efficient and timely manner. 
>You can locate the newsgroup here: 
>http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
>When opening a new thread via the web interface, we recommend you check the 
>"Notify me of replies" box to receive e-mail notifications when there are 
>any updates in your thread. When responding to posts via your newsreader, 
>please "Reply to Group" so that others may learn and benefit from your 
>issue.
>
>Microsoft engineers can only focus on one issue per thread. Although we 
>provide other information for your reference, we recommend you post 
>different incidents in different threads to keep the thread clean. In doing 
>so, it will ensure your issues are resolved in a timely manner. 
>
>For urgent issues, you may want to contact Microsoft CSS directly. Please 
>check http://support.microsoft.com for regional support phone numbers.
>
>Any input or comments in this thread are highly appreciated.
>=====================================================
>
>This posting is provided "AS IS" with no warranties, and confers no rights.
date: Mon, 19 May 2008 07:51:49 -0400   author:   Andy David {MVP}

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us