SBS 2008: using cert and and Outlook anywhere

Discussion in 'Windows Small Business Server' started by GARETT - TVGTECH, Apr 15, 2009.

  1. In SBS 2003, we could generate a cert based on need.

    Now upgraded from 03 to 08. Client has dynamic DNS that points to their

    MX still point to
    Mail works fine just like in 03
    If you goto: or owa - it works

    NS have a Cname that points to
    (also a redirect in the NS control Panel)

    On LAN, outlook anywhere works fine(assuming that the server pushes out the
    cert when logging into mobile laptop)

    From Remote for mobile laptop, outlook anywhere does not connect.

    says server not available.(tried correct auth )
    Tried the test exchange site and it times out and cert fails.

    How can I generate my own unique cert like sbs 2003 for
    What other options should we do?


    GARETT - TVGTECH, Apr 15, 2009
    1. Advertisements

  2. You need to physically have the cert on the remote computer. With SBS 03,
    you could install the cert while remote, but not with SBS 08.

    But you can still generate your own certificate, which you've probably done

    In the SBS console, Network > Connectivity tab - click under Web Server
    Certificate, and then on the right hand side, Open Certificate Installation
    Package. You'll see a zip file - put that on a USB key and run it on the
    remote computer to install the certificate.

    There's an "announcement" on your companyweb with full details.
    Les Connor [SBS MVP], Apr 15, 2009
    1. Advertisements

  3. Thanks Les.

    Remote user said they installed. (we uploaded to a secure FTP and they dload
    it and ran it.)

    That cert says installed.

    Is the problem the fact that is the external server and the
    internal is and that's where the cert is having an issue?

    What else can I do?

    Thanks Les.

    GARETT - TVGTECH, Apr 15, 2009
  4. The cert name must match what you use to access the site, so if you built
    your cert for remtote.whatever.whatever, you'd need a matching dns record
    and would use that to access the site. If that's not the case, then you can
    create a dns record that matches the name in the cert, or, create a new cert
    that matches a dns record you already have - like mail.whatever.whatever.

    If you don't want to use the default of remote., you need to click
    'advanced' (I think it is) in the wizard and you can then specify an
    alternate name.

    Les Connor [SBS MVP]

    Les Connor [SBS MVP], Apr 15, 2009
  5. Thanks Les.

    Tried that but when advanced option, had difficult time figuring out what

    Cert enrollment requests - actually had the cert I needed.
    Intended purpose: ALL

    I copied to trusted, then to personal certificates.
    Now it still says intended purpose - all

    The original says IP: server

    For this to work, it's now in trusted and root, do I have to change it to
    server only, or will this work?

    Do i just have to run FIX network and will include that in the sbs cert for

    Thanks alot Les.

    GARETT - TVGTECH, Apr 15, 2009
  6. Hello,

    Thanks for your post and Les's input.

    In addition, to use Office Outlook 2003 or Outlook 2007 for "Outlook Anywhere" in SBS 2008 domain, you may also refer to the following articles for detailed

    Using "Outlook Anywhere" in Small Business Server 2008

    Windows Small Business Server 2008 Client Computer Help

    More Information
    Configuring Internet Mail in Windows Small Business Server 2008

    Hope this helps.

    Best regards,
    Robbin Meng(MSFT)
    Microsoft Online Newsgroup Support
    Robbin Meng [MSFT], Apr 16, 2009
  7. Thanks Robbin: Didn't see what I was looking for.

    Here is what I am looking for(I think):

    Location and how(steps) to setup a new CERT, that authenticates pass-through to the server?

    Do I choose server or webserver?
    What encryption?
    How to publish it so it precedes the certificate?

    I have been searching and need something so I don't screw it up when
    creating a new cert on SBS 2008 that overrides the native cert
    so it works with non common url authentication using

    Does this help clear up my question or completely no?

    Thanks all.
    GARETT - TVGTECH, Apr 16, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.