Forefront Edge Security TechCenter >
Forefront Edge Security Forums
>
Forefront Edge Security - Publishing
>
how to install certificate
how to install certificate
- Hi,
We have a test domain with Exchange 2010 and ISA TMG beta3, the internal domain mydomain.local, external domain www.mydomain.com.
I got a SSL certificate mail.mydomain.com, now can some one direct me to an step-by-step doc on what should I do next?
Thanks,
Shahin
Shahin
Answers
- Hi, Shahin!
By default if you don't have internal CA, Exchange creates self-signed certificate and use them to sign communications between exchange Servers. Adding SSL to channell between TMG and Exchange will create higher CPU Utilization on both servers (to encrypt/decrypt SSL channel), but if you have new servers and decide that you have apropriatve CPU capacity, you can enable securing traffic between these servers. I have following links for you:
http://technet.microsoft.com/en-us/library/dd896990.aspx - about Certificates in TMG
http://technet.microsoft.com/en-us/library/bb794751.aspx - publishing Exchange 2007 on ISA 2006, there you can find some helpful info
MCSE: M+S, SMS/SCCM, CCNA- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorTuesday, September 22, 2009 9:51 AM
- Marked As Answer byNick Gu - MSFTMSFT, ModeratorFriday, September 25, 2009 5:43 AM
All Replies
- Hi, Shahin!
I hope the following doc will help you http://isaserver.org/tutorials/Publishing-Outlook-Web-Access-Microsoft-Forefront-TMG.html
MCSE: M+S, SMS/SCCM, CCNA - Shanin, You will need to import the certificate into the Certificate Store (Local Computer) on the TMG Server and then you will see it as a choice when you set up the listener. Make sure the certificate contains the private key.
- Hi Sergey,
Thanks for your reply,
I did read the link that you sent it has good info in it, but my problem is what to do whit certificate that I bought, what is the next step?
do I have to install this cerificate only in TMG as this Doc mentioned? or install it in TMG and Exchange 2010 server as wel?
Thanks,
Shahin
Shahin - Hi Keith,
Thanks for your relpy as always,
Do know any step-by-step doc on this subject?
Thanks,
Shahin
Shahin - Hi, Shahin!
For HTTPS OWA Access Publishing you should import your certificate to TMG Server (Computer Certificates Store). Additionally if you want to secure access between TMG and Exchange servers you should enable HTTS on internal Exchange Server, and import certificate to computer store on Exchange Server
MCSE: M+S, SMS/SCCM, CCNA - Hi Sergey,
So this means I have to import the certificate (mail.mydomain.com) that I bought to TMG server, then you said to secure the connection between the TMG and Exchange we should import the Exchange certificate to TMG, do you mean the exchange default certifiate that was created when we installed Ex2010? secound question: is it nececry to secure the connection between TMG and exchange 2010?
Thanks,
Shahin
Shahin - Hi, Shahin!
By default if you don't have internal CA, Exchange creates self-signed certificate and use them to sign communications between exchange Servers. Adding SSL to channell between TMG and Exchange will create higher CPU Utilization on both servers (to encrypt/decrypt SSL channel), but if you have new servers and decide that you have apropriatve CPU capacity, you can enable securing traffic between these servers. I have following links for you:
http://technet.microsoft.com/en-us/library/dd896990.aspx - about Certificates in TMG
http://technet.microsoft.com/en-us/library/bb794751.aspx - publishing Exchange 2007 on ISA 2006, there you can find some helpful info
MCSE: M+S, SMS/SCCM, CCNA- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorTuesday, September 22, 2009 9:51 AM
- Marked As Answer byNick Gu - MSFTMSFT, ModeratorFriday, September 25, 2009 5:43 AM
