 |
 |
|
|
|
|
Welcome to the { mindfrost82.com } forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact us. |
|
|||||||
 |
|
|
LinkBack | Thread Tools | Search this Thread | Display Modes |
06-24-2008, 05:01 PM
|
|||
|
|||
|
Re: Certificate Authority
test post "wli2k2" wrote: > Thanks Mike, your reply is very detail, informative and useful. > > I also have another question. I did a chat with VeriSign and what I got out > of them was that I can use their SSL certificates to secure our email system. > (We are using Exhange 2000 with Outlook 2000/2003 clients.) They say we can > use the SSL certs to secure the emails we sent internally. But to secure > emails we sent to the outside world, we would need digital ids. > > Based on your knowledge, is this correct? > > thanks again. > > "Miha Pihler [MVP]" wrote: > > > Yes, you will be able to issue out SSL and other certificates. The > > difference is that any users that do not trust your CA server (no one will > > by default) visiting your SSL protected site will get a warning that looks > > like this http://freeweb.siol.net/mpihler/trusted.jpg. Reason as mentioned > > is that they do not trust CA server (your CA server) that issued the > > certificate for the site. That is the difference between VeriSign (and other > > trusted CA servers) and CA server that you set up for yourself. > > > > I usually tell my customers that it is OK for them to use their own CA to > > issue SSL certificates for sites that will only be used by their own > > employees (e.g. internally). It is pretty easy to make domain joint > > computers trust your own CA and its issued certificates. This way you can > > e.g. protect access to web based e-mail access, intranets etc. > > For sites that will be used by e.g. their customers I recommend using > > VeriSign (or other trusted agencies) since this would make solution more > > professional towards the customers. > > > > To see which certificates your computer and browser will trust open Internet > > Explorer, click on Tools -> Internet Options -> click on Content tab and > > Certificates button -> now click on Trusted Root Certificate Authorities. > > > > -- > > Mike > > Microsoft MVP - Windows Security > > > > > > "wli2k2" <wli2k2@discussions.microsoft.com> wrote in message > > news:07788D59-FAA5-4B1E-ACF1-E5C474E445FD@microsoft.com... > > > If I setup my own CA server (with Windows 2000/2003), I can issue out SSL > > > certificates, right? > > > > > > I mean, is it the same as buying SSL certificates (for VeriSign, etc.) > > > besides that I issued it myself? > > > > > > thanks. > > > > > > 
|
|
|
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Linear Mode
