Starting with Exchange Server 2007, we added protection for Exchange data paths to Client Access Servers using SSL . SMTP communication between transport servers is also protected using TLS ....
Updated Jul 01, 2019
Version 2.0
Blog Post
I'm having an issue where my Client Access Server has Direct Access. I don't use a proxy server to get to the Internet. I've assigned a certificate from an Internal Microsoft PKI CA server and it still fails to verify the certificate status because the revocation check failed.
OS-Windows Server 2008 R2
Exchange 2010 RTM Client Access Role installed - only role
Any tips?
I've gone into IEInternet OptionsConnectionsLAN Settings Local Area Network (LAN) Settings
I've checked Use a proxy server for your LAN. Then, Ticked the box to "Bypass proxy server for local addresses", I've even clicked "Advanced" and in the Exceptions entered *.localdomain of the domain the Issuing CA is in and the *.localdomain this Client Access Server is in.
Then I UnTick the box "Use a proxy server for your lan". Since I don't want to use a proxy because this server has Direct Access.
Again this is trying to verify the status of an internally assigned PKI Certificate.
When I open the certificate and get the http address for where the CRL is located and copy and paste that into Internet Explorer it prompts me if I want to Open/Save/Cancel so I can get to that site.
When I open ADSI on this server to verify the LDAP path of the crl in the configuration partition I find it there successfully.
Any help is greatly appreciated.
Joe S.
OS-Windows Server 2008 R2
Exchange 2010 RTM Client Access Role installed - only role
Any tips?
I've gone into IEInternet OptionsConnectionsLAN Settings Local Area Network (LAN) Settings
I've checked Use a proxy server for your LAN. Then, Ticked the box to "Bypass proxy server for local addresses", I've even clicked "Advanced" and in the Exceptions entered *.localdomain of the domain the Issuing CA is in and the *.localdomain this Client Access Server is in.
Then I UnTick the box "Use a proxy server for your lan". Since I don't want to use a proxy because this server has Direct Access.
Again this is trying to verify the status of an internally assigned PKI Certificate.
When I open the certificate and get the http address for where the CRL is located and copy and paste that into Internet Explorer it prompts me if I want to Open/Save/Cancel so I can get to that site.
When I open ADSI on this server to verify the LDAP path of the crl in the configuration partition I find it there successfully.
Any help is greatly appreciated.
Joe S.