If you only run Exchange for an internal network and never want to allow access from the Internet, the set of self-published certificates installed on Exchange 2010 servers when they are installed by the setup program is sufficient for your purposes, as long as you’re willing to have OWA clients install the self-signed certificates to avoid the nagging warnings from browsers that you’re connecting to an untrusted site when you start OWA. To get around the problem, install the self-signed certificate from the Exchange CAS server that you use to connect to OWA in the trusted root certification authorities store on the PC (or use a Group Policy Object to distribute the certificate to multiple PCs around the organization). Afterward the ...

Get Microsoft® Exchange Server 2010 Inside Out now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.