As I developed the documentation for the Microsoft Exchange Server 2007 Domain Security feature set, I used the self-signed certificates that are generated by the New-ExchangeCertificate cmdl...
Updated Jul 01, 2019
Version 2.0
Blog Post
7 MIN READ
Exchange 2007 lessons learned - generating a certificate with a 3rd party CA
Hi,
We made a setup of multi-role E2K7 Server (MBX/CAS/HUB, named e2k7domain.int
on our internal network), now we want to achieve greater security and
enhancements for our external/mobile clients using OWA, EAS and OAW with ISA
Server 2006 and Edge Transport Server.
Since we are going to replace the now in use external firewall (Cisco) with
ISA Server 2006 to fully protect our WAN/LAN/DMZ network, we are going to
put the ISA on the internet with a public ip-adress and then the Edge
Transport server behind it (on a DMZ).
We have red through the Ms article
http://www.microsoft.com/technet/isa/2006/deployment/exchange.mspx for the
publishing of the websites etc. Not much info here about coexistence with
Edge Transport and different solutions scenarios. We are also unsure if we
can stick with our CA certificate with multiple SANs since we have red that
this isn't supported yet on ISA Server 2006. And since we also are running
in an environment with different internal domain (domain.int) and external
domain (domain.com) we also have questions how to successfully use our
requested certificate on our internal CAs server on the multiple websites
(CAS/ISA etc). We are using the guide
http://technet.microsoft.com/en-us/library/aa995942.aspx and this works all
fine now (externally/internally) when we only so far are running the
multi-role E2K7 (MBX/CAS/HUB), but as mentioned abowe we are seeing coming
problem with the certificate beeing activated correctly on the ISA server.
We are in need of hints and recommendations when it comes to publishing the
certificate and also for guides, white papers etc when it comes to Edge
Transport and ISA Server 2006 coexistence and common scenarios.
All types of responds when it comes to this are highly appreciated!
Thanks in advance,
Richard
We made a setup of multi-role E2K7 Server (MBX/CAS/HUB, named e2k7domain.int
on our internal network), now we want to achieve greater security and
enhancements for our external/mobile clients using OWA, EAS and OAW with ISA
Server 2006 and Edge Transport Server.
Since we are going to replace the now in use external firewall (Cisco) with
ISA Server 2006 to fully protect our WAN/LAN/DMZ network, we are going to
put the ISA on the internet with a public ip-adress and then the Edge
Transport server behind it (on a DMZ).
We have red through the Ms article
http://www.microsoft.com/technet/isa/2006/deployment/exchange.mspx for the
publishing of the websites etc. Not much info here about coexistence with
Edge Transport and different solutions scenarios. We are also unsure if we
can stick with our CA certificate with multiple SANs since we have red that
this isn't supported yet on ISA Server 2006. And since we also are running
in an environment with different internal domain (domain.int) and external
domain (domain.com) we also have questions how to successfully use our
requested certificate on our internal CAs server on the multiple websites
(CAS/ISA etc). We are using the guide
http://technet.microsoft.com/en-us/library/aa995942.aspx and this works all
fine now (externally/internally) when we only so far are running the
multi-role E2K7 (MBX/CAS/HUB), but as mentioned abowe we are seeing coming
problem with the certificate beeing activated correctly on the ISA server.
We are in need of hints and recommendations when it comes to publishing the
certificate and also for guides, white papers etc when it comes to Edge
Transport and ISA Server 2006 coexistence and common scenarios.
All types of responds when it comes to this are highly appreciated!
Thanks in advance,
Richard