Home   Kaiming

layout

DNS

Addresses for the OWA access

configuration2

At Ex20071

Configuring IIS to support multiple DNS domains

iis1

IIS2

iis3

https://ex20071
https://ex20071.work.com
https://mail.work.com
https://autodiscover.work.com
https://mail.house.com
https://mail.issac.com
https://mail.newton.com

Set-OwaVirtualDirectory -id "OWA (Default Web Site)" -LogonFormat PrincipalName

To restart IIS, run the following command: "iisreset /noforce".

For IIS to use https://, a certificate with multiple DNS names is required.

Assuming the Microsoft Certificate Authority is installed as Standalone Root.

Layout2

Assuming the DNS registered name is mail.work.com. The mail.work.com is publically registered.

At Ex20071 computer:

New-ExchangeCertificate -GenerateRequest -subjectname "dc=com,dc=work,cn=mail.work.com" -domainname ex20071.work.com,ex20071,mail.work.com, autodiscover.work.com,mail.house.com,mail.newton.com,mail.issac.com -PrivateKeyExportable $true -path c:\certrequest.txt

Open c:\certrequest.txt in Notepad.exe and copy all the code.

CA1

Install CA certificate chain on all workstations

HTTP://Paula/certsrv/

Request a certificate

View the status of a pending certificate request

Download a CA certificate, certificate chain, or CRL

Download a CA Certificate, Certificate Chain, or CRL

To trust certificates issued from this certification authority, install this CA certificate chain.

ca2

Request Web Server certificate for EX20071

HTTP://Paula/certsrv/

Request a certificate

View the status of a pending certificate request

Download a CA certificate, certificate chain, or CRL

Request a Certificate

Select the certificate type:
--Web Browser Certificate

--E-Mail Protection Certificate

--Or, submit an advanced certificate request.

Advanced Certificate Request

The policy of the CA determines the types of certificates you can request. Click one of the following options to:
Create and submit a request to this CA.

Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.

ca3

At Paula, the CA:

Issue

At Ex20071:

http://Paula/certsrv

Request a certificate

View the status of a pending certificate request

Download a CA certificate, certificate chain, or CRL

Ca5

CA6

CA7

Import-ExchangeCertificate –Path C:\certnew.p7b

CA8

Enable-ExchangeCertificate –Services SMTP,POP,IIS –Thumbprint 21496911E3AC56164F06B4C84FB523C2A54C7AC8

CA9

Workstations

Trusting the certificate authority

For workstations that are members of the work.com domain;

http://paula/certsrv

Request a certificate

View the status of a pending certificate request

Download a CA certificate, certificate chain, or CRL

DER
Base 64

Download CA certificate

Download CA certificate chain

Download latest base CRL

 

Save it as c:\certnew.cer.

Default Domain Policy

CA10

CA11

CA12

CA13

For a workstation that are not a member of the work.com domain;

http://Paula.work.com/certsrv

Request a certificate

View the status of a pending certificate request

Download a CA certificate, certificate chain, or CRL

Download a CA Certificate, Certificate Chain, or CRL

To trust certificates issued from this certification authority, install this CA certificate chain.

CA14

CA15

OWA access

https://mail.house.com
https://mail.issac.com
https://mail.newton.com

Home