"Les Connor [SBS MVP]" <les.connor@newsgroup> wrote in message
> Good stuff, thanks Ace.
> I'm the guy that's never used a 3rd party cert, ever, with SBS ;-). Always
> used the self signed certs, and always able to make them do. Worst case is
> locked mobile devices, but that's worked around by converting the cert to
> a .cab file.
For my own Ex2007, I never bought a public cert, but I haven't any cases
where I would need it. When connecting to OWA, I would just click on the
trust this cert message. However, I just replaced my BB with an HTC Touch
Pro 2 I picked up last night. Cool phone. Screen's a hair larger than the
iPhone, brighter, too! However, it's Windows Mobile. Guess what? Cert issue
time! So instead of dealing with the cert, I thought let me just get a
single name cert (non UC/SAN) and see if it works. Since I set this domain
up back in 1999 when AD first came out, the mindset and consensus was to use
your public name, so I never changed that. It's only me and a few people
that use the domain. So I figured, what the heck, a single name cert would
work internally and externally for mail.mydomain.com, and I have the same
record created internally. Well, the thing worked fine with the Windows
mobile. It synched up fine. It also works fine for my OWA site, since you
can enable that in Exchange to use the cert for other purposes other than
just internally, such as for IIS, SMTP, IMAP and POP. However, I know I will
have an issue with Outlook Anywhere due to the Autodiscover record, but I
don;t use that anyway. If it comes down to it, and I need that function, I
will dish out the extra $$ for a UC/SAN cert. And here I am using a single
cert for limited capabilities, but I keep pushing to get a UC/SAN cert to my
customers. I figured if they ever need the other functionality, I don;t want
to deal with installing certs on their mobile units, or some of their remote
employees that hardly come into the office and are using Outlook Anywhere.
I guess you can call me the landscaper with the tallest lawn on the block!