Difference between revisions of "Using Your Own SSL Certificate"
| [unchecked revision] | [unchecked revision] |
| Line 9: | Line 9: | ||
[[File:MSnotrust.png|300px|center]] | [[File:MSnotrust.png|300px|center]] | ||
| − | One option for resolving this issue is to make the server on which MailStore Server is installed available under the host name ''MailStoreServer'' (e.g. by adding | + | One option for resolving this issue is to make the server on which MailStore Server is installed available under the host name ''MailStoreServer'' (e.g. by adding an A- or CNAME record in the DNS) and installing the certificate in the container of trusted root certification authorities on the clients. Because these installations involve a relatively high administrative overhead, MailStore Server provides the option to use signed certificates of your own company CA or certificates of a public certification provider (e.g. VeriSign, eTrust etc.). |
To configure MailStore Server for the use of your own certificate, please proceed as follows: | To configure MailStore Server for the use of your own certificate, please proceed as follows: | ||
Revision as of 18:17, 1 December 2010
Background
During the installation of MailStore Server, an SSL certificate is generated which MailStore Web Access/Outlook Add-In can use for access via HTTPS. Since the certificate is issued to the server name MailStoreServer and does not come from a reliable certification authority (CA), it is not trusted by the client side.
Because of this, the following warning message is displayed when calling up MailStore Web Access via HTTPS (SSL):
One option for resolving this issue is to make the server on which MailStore Server is installed available under the host name MailStoreServer (e.g. by adding an A- or CNAME record in the DNS) and installing the certificate in the container of trusted root certification authorities on the clients. Because these installations involve a relatively high administrative overhead, MailStore Server provides the option to use signed certificates of your own company CA or certificates of a public certification provider (e.g. VeriSign, eTrust etc.).
To configure MailStore Server for the use of your own certificate, please proceed as follows:
Installing the Certificate
- Log on to the server as administrator.
- Click on Start | Execute.
- Execute the command mmc.
- Select File | Add/Remove Snap-In | Add | Certificate.
- Select Local Computer Account and then Local Computer.
- Click on Finish and close any open dialog windows.
- In the management console, select My Certificates | Certificates.
- Right-click on the folder Certificates and select All Tasks | Import.
- Follow the instructions in the wizard and select the file containing the certificate and the private key, if applicable.
- On the page Certificate Store select the container My Certificates and finish the wizard.
- The certificate is now shown in the container My Certificates.
- To verify this and to make sure that the private key for the certificate is available, open the certificate with a double-click.
Using the Certificate with MailStore Server
- Open the MailStore Server base configuration.
- Select Web Access/Outlook Add-in and click on Configure HTTP/HTTPS Access.
- Click on Select Certificate and choose the new certificate.
- Confirm your entries and restart the MailStore Server service.
