Certificate on Exchange

Certificates play an important role in the exchange environment because of clients connection relays heavily on the HTTPS protocol. In Exchange 2010 the RPC/TCP and also the RPC/HTTP (Outlook Anywhere) could be configured but in 2016 the MAPI/HTTPS is preferred. Therefore a certificate needs to be correctly configured.

Installing Certificate Authority

Since Microsoft Certificate Authority is a role service in Windows Server which can be easily added an ideal choice to use it an Internal Certificate Authority (CA).

It issues and manages certificates. Request issued to the CA can be manual or automatic. Than CA Administrator approves or declines the certificate request. Finally CA issues the certificate.

Let’s take a look at the PKI (Public Key Infrstructure)

A certificate is a special digitally signed file

Certificate contains:

  • Information about the certificate holder (computer, user, device)
  • Has a public key and a private key (the private key only accessible to the person holds the certificate)
  • Information about the CA that issued the certificate

Once the certificate holder recieves a certificate it goes and asks for the certificate revocation list (CRL) from the CA to see whether its certification is revoked or not.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s