Microsoft Exchange and Active Directory Blog
This is the last part of the series of articles "Configuring certificates" for Exchange Server 2013 and Exchange 2016. The previous parts can be found here: Configuring certificates Part 1 Configuring certificates Part 2 Note: This part also builds on Part 1 and Part 2, so please be sure to read the first two parts first. This part is about ... Read more
I now receive emails every day with questions about certificates and/or Outlook Anywhere. The questions about Outlook Anywhere are usually also related to the certificates. In most cases, the emails end with a sentence similar to this one: Certificates are a red rag for me! The sentence comes from a mail that I received today ... Read more
In addition to Let's Encrypt, StartSSL also offers free SAN certificates for up to 5 domains with a term of 1 year for free. The certificates are supported by all common browsers and devices. The advantage of StartSSL over Let's Encrypt is that the certificates are valid for 1 year, compared to only 3 months with Let's Encrypt. The certificates must be ... Read more
Update 12.01.17: This article is outdated, here is an updated version: Exchange 2016: Free certificates from Let's Encrypt The new CA "Let's Encrypt" has been in the public beta phase for a few days now. The aim of Let's Encrypt is to issue SSL certificates easily. The certificates are also free of charge. The CA will ... Read more
The Windows CA is able to send mails to inform about processes. For example, when the service is stopped or started. However, it is not easy to configure manually. I have therefore slightly modified a script from the Technet so that it also works if the CA has not yet issued any certificates. Simply ... Read more
From 01.01.2016, Microsoft will declare SSL certificates with SHA1 as the hash algorithm invalid. Web servers or services that use certificates with SHA1 will therefore trigger certificate warnings in the user's browser. Therefore, SHA1 certificates should be replaced slowly but surely. In order for an internal CA to issue certificates with SHA256 (SHA2), the CA must ... Read more
