Posted by DFM on Feb 14, 2014
Working With An Exchange 2010 SSL Certificate

Working With An Exchange 2010 SSL Certificate

Working With An Exchange 2010 SSL CertificateIf you have never worked with Exchange Server 2010, you come to realize sooner than later that you need to fully comprehend the relationship between SSL certificates and Exchange 2010 and why you need an Exchange 2010 SSL Certificate. In versions prior to Exchange Server 2007, it was possible to deploy an Exchange server and there was no requirement for SSL in any communication. So when you were working with Exchange Server 2003, just for example, it was smart to first install an SSL certificate. This could be used for IIS and SSL could be used for external access, like ActiveSync or Outlook Web Express. At the time, however, this was not mandatory, and you can still find older Exchange environments that will grant external access even though the HTTP connection is not secure. Starting with Exchange Server 2007 and continuing with the 2010 release, Microsoft has updated the default behavior. Now an Exchange 2010 SSL Certificate is required to perform most services, whether they are used externally or internally. What this means is that a recently installed Exchange 2010 server hosting the Client Access server now will have SSL enforced for a variety of basic services, including Outlook Anywhere, the Outlook Web App, and ActiveSync. If you are the administrator, it is possible to disable the SSL requirement. However, it is much better to protect communications taking place on the Exchange Server 2010 with SSL encryption instead of just allowing them to be transferred over an HTTP connection that is not secure. By default, the SSL requirement is turned on in the Exchange 2007 and Exchange 2010 servers and they come with a self-signed SSL certificate already installed. Even though this type of certificate is secure, connecting clients and outside devices will not trust it because it is self-signed.