Difference between revisions of "Using Your Own SSL Certificate"
| [unchecked revision] | [unchecked revision] |
| Line 11: | Line 11: | ||
One option for resolving this issue is to make the server on which MailStore Server is installed available under the host name ''MailStoreServer'' (e.g. by adding and A- or CNAME record in the DNS) and installing the certificate in the container of trustworthy root certification authorities on the clients. Because these installations involve a relatively high administrative overhead, MailStore Server provides the option to use signed certificates of your own company CA or certificates of a public certification provider (e.g. VeriSign, eTrust etc.). | One option for resolving this issue is to make the server on which MailStore Server is installed available under the host name ''MailStoreServer'' (e.g. by adding and A- or CNAME record in the DNS) and installing the certificate in the container of trustworthy root certification authorities on the clients. Because these installations involve a relatively high administrative overhead, MailStore Server provides the option to use signed certificates of your own company CA or certificates of a public certification provider (e.g. VeriSign, eTrust etc.). | ||
| − | + | To configure MailStore Server for the use of your own certificate, please proceed as follows: | |
== Installing the Certificate == | == Installing the Certificate == | ||
| Line 23: | Line 23: | ||
* In the management console, select ''My Certificates | Certificates''. | * In the management console, select ''My Certificates | Certificates''. | ||
* Right-click on the folder ''Certificates'' and select ''All Tasks | Import''. | * Right-click on the folder ''Certificates'' and select ''All Tasks | Import''. | ||
| − | * | + | * Follow the instructions in the wizard and select the file containing the certificate and the private key, if applicable. |
| − | * | + | * On the page ''Certificate Store'' select the container ''My Certificates'' and finish the wizard. |
| − | * | + | * The certificate is now shown in the container ''My Certificates''. |
| − | * | + | * To verify this and to make sure that the private key for the certificate is available, open the certificate with a double-click. |
: [[Datei:Private_key.png|300px|center]] | : [[Datei:Private_key.png|300px|center]] | ||
| Line 32: | Line 32: | ||
== Using the Certificate with MailStore Server == | == Using the Certificate with MailStore Server == | ||
| − | * Open the | + | * Open the MailStore Server base configuration. |
| − | * Select | + | * Select ''Web Access/Outlook Add-in'' and click on ''Configure HTTP/HTTPS Access''. |
* Click on ''Select Certificate'' and choose the new certificate. | * Click on ''Select Certificate'' and choose the new certificate. | ||
* Confirm your entries and restart the MailStore Server service. | * Confirm your entries and restart the MailStore Server service. | ||
Revision as of 20:19, 23 November 2010
Background
During the installation of MailStore Server, an SSL certificate is generated which MailStore Web Access/Outlook Add-In can use for access via HTTPS. Since the certificate is issued to the server name MailStoreServer and does not come from a reliable certification authority (CA), it is not trusted by the client side.
Because of this, the following warning message is displayed when calling up MailStore Web Access via HTTPS (SSL):
One option for resolving this issue is to make the server on which MailStore Server is installed available under the host name MailStoreServer (e.g. by adding and A- or CNAME record in the DNS) and installing the certificate in the container of trustworthy root certification authorities on the clients. Because these installations involve a relatively high administrative overhead, MailStore Server provides the option to use signed certificates of your own company CA or certificates of a public certification provider (e.g. VeriSign, eTrust etc.).
To configure MailStore Server for the use of your own certificate, please proceed as follows:
Installing the Certificate
- Log on to the server as administrator.
- Click on Start | Execute.
- Execute the command mmc.
- Select File | Add/Remove Snap-In | Add| Certificate.
- Select Local Computer Account and then Local Computer.
- Click on Finish and close any open dialog windows.
- In the management console, select My Certificates | Certificates.
- Right-click on the folder Certificates and select All Tasks | Import.
- Follow the instructions in the wizard and select the file containing the certificate and the private key, if applicable.
- On the page Certificate Store select the container My Certificates and finish the wizard.
- The certificate is now shown in the container My Certificates.
- To verify this and to make sure that the private key for the certificate is available, open the certificate with a double-click.
Using the Certificate with MailStore Server
- Open the MailStore Server base configuration.
- Select Web Access/Outlook Add-in and click on Configure HTTP/HTTPS Access.
- Click on Select Certificate and choose the new certificate.
- Confirm your entries and restart the MailStore Server service.
