Exchange 2007 certificates - My Eyes Are Bleeding
22 June 2007I’ve read Sembee’s post. I’ve read the Exchange 2007 Wiki. I’ve read through a dozen community forum posts and TechNet pages. At this point, I’m thankful that I wasn’t the one selected to write the “Security” chapter in the Exchange Server 2007 Administrator’s Companion. Is it just me or has Microsoft made securing Exchange 2007 about as much fun as gouging out your own eyes with a dull spoon?
We’re running a single server and will be using ActiveSync, Outlook Anywhere (RPC over HTTP), Outlook 2003/2007, Unified Messaging and OWA. My understanding is that securing ActiveSync with our existing wildcard certificate won’t work since Windows Mobile devices have issues with such certificates. So now I’m looking at one of the new Unified Communication certificates that provide a subject alternate name field so that one certificate can protect multiple URLs. I could go the Sembee route and create a bunch of different web sites, but I suspect that doing so in my environment will just lead to future administrative hassles. We don’t use ISA (which, from what I read, does not support the new Unified Communication certificates, so I think we’d be ok.
Now, what the heck do I actually need to protect? As soon as I work it all out, I’ll report back.
No comments yet
Leave a Reply
You must be logged in to post a comment.