Exchange 2010 Without SSL
-
Tuesday, June 12, 2012 5:23 PM
Hi
We have Exchange 2003 running in our environment. We are planning to upgrade to Exchange 2010. In the current environment we do not use any certificates installed to secure Exchange services (OWA, ActiveSync, Outlook). When users are on Internet, they first dial into a SSL VPN appliance (Juniper device) to connect to Intranet and then access the Exchange 2003 services. Since we now want to install Exchange 2010 into existing Exchange 2003 organization we have to setup co-existence and want to keep the same topology (VPN Access from Internet). From this description there are questions that I need to clarify before thinking of deployment:
- Can Exchange 2010 be installed and operated without SSL certificate?
- If yes, how can we ensure ActiveSync and Outlook Anywhere, Autodiscover access from the Internet?
- Will this be a challenge from co-existence stand-point (Legacy Name etc..)?
- What are the services those cannot work without SSL configuration?
- Is there an official statement from Microsoft that states “It is not supported”?
Regards
Taranjeet Singhzamn
All Replies
-
Tuesday, June 12, 2012 5:34 PM
-
Tuesday, June 12, 2012 5:37 PMModerator
Hi
- Can Exchange 2010 be installed and operated without SSL certificate? Yes
- If yes, how can we ensure ActiveSync and Outlook Anywhere, Autodiscover access from the Internet? The services can be accessible
- Will this be a challenge from co-existence stand-point (Legacy Name etc..)? No
- What are the services those cannot work without SSL configuration? Nil
- Is there an official statement from Microsoft that states “It is not supported”? You may see the page to disable the default SSL requiremet: http://technet.microsoft.com/en-us/library/ee633481.aspx
Regards from www.windowsadmin.info | www.blog.windowsadmin.info
-
Tuesday, June 12, 2012 6:23 PM
It is "not recommended" from a security point of view as you'll be passing passwords between clients and servers in clear-text.Is there an official statement from Microsoft that states “It is not supported”?
Program Manager, Exchange Customer Advisory Team
MCSA 2000/2003
MCTS: Win Server 2008 AD, Configuration MCTS: Win Server 2008 Network Infrastructure, Configuration
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
NOTICE: My posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.- Proposed As Answer by wendy_liuMicrosoft Contingent Staff, Moderator Thursday, June 14, 2012 10:31 AM
-
Thursday, June 14, 2012 3:36 PM
Hi
Could you please share some more information how the Outlook Anywhere and ActiveSync devices can connect over the Internet with the HTTP configuration ? What different steps we need to take to make them working.
Also, we'll be using Hardware Load Balancers to load balance the CAS servers, will there be an issue with HLB without SSL ? Can't forsee much in it.
Regards
Taranjeet Singh
zamn
- Edited by Taranjeet Singh Thursday, June 14, 2012 6:02 PM
-
Wednesday, June 27, 2012 9:34 AMModerator
Hi ,
Maybe the following article can help you.
Understanding Security for Outlook Anywhere:
http://technet.microsoft.com/en-us/library/bb430792
Understanding Exchange ActiveSync:
http://technet.microsoft.com/en-us/library/aa998357.aspx
Understanding Load Balancing in Exchange 2010:
http://technet.microsoft.com/en-us/library/ff625247.aspx
Wendy Liu
TechNet Community Support
.png)
