|
exchange
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Exchange 2003 with OWA and Verisign Digital ID'sVerisign digital id. I have this working fine through Outlook but want the option to do it through OWA too. I get the following error message "You are attempting to sign the message with an invalid digital ID. The certificate chain that contains the digital ID was not created properly. Try sending without a digital signature." If I send with out it works fine. I tried following the instructions in http://support.microsoft.com/kb/927463 but am having a hell of a time find the id I need to use. I talked with Verisign and they told me this "Ok, so what you can do on the Exchange end is actually install your Digital ID Certificate on the server. The certificate we send already has the complete chain. However if you only have the certificate installed on your browser and your machine locally, the Exchange server cannot read the certificate. Therefore to properly encrypt an email using OWA, your Digital Certificate must be installed on the server." But according to the KB Article I shouldn't need to do that. I couldn't imagine having to do that in an enterprise with a couple of hundred let alone thousand users. Any assistance would greatly be appreciated. Thanks Lance The KB article you're referring to covers the requirement to install the
trusted root certificate, i.e., Verisign's certificate on the Exchange server used for OWA. You are correct that you do not install the sender's individual certificate on the Exchange server. -- Show quoteHide quoteEd Crowley MVP "There are seldom good technological solutions to behavioral problems." .. "Lance" <La***@discussions.microsoft.com> wrote in message news:B8B7BB16-4CFF-411A-9E9F-AE8B9AEE8FBC@microsoft.com... >I am having problems trying to send an email that is digitally signed with >a > Verisign digital id. I have this working fine through Outlook but want the > option to do it through OWA too. I get the following error message "You > are > attempting to sign the message with an invalid digital ID. The certificate > chain that contains the digital ID was not created properly. Try sending > without a digital signature." If I send with out it works fine. I tried > following the instructions in http://support.microsoft.com/kb/927463 but > am > having a hell of a time find the id I need to use. I talked with Verisign > and > they told me this > > "Ok, so what you can do on the Exchange end is actually install your > Digital > ID Certificate on the server. The certificate we send already has the > complete chain. However if you only have the certificate installed on your > browser and your machine locally, the Exchange server cannot read the > certificate. Therefore to properly encrypt an email using OWA, your > Digital > Certificate must be installed on the server." > > But according to the KB Article I shouldn't need to do that. I couldn't > imagine having to do that in an enterprise with a couple of hundred let > alone > thousand users. Any assistance would greatly be appreciated. > > Thanks > Lance When I figure out Verisigns certificate that I need to install on the server
I should be able to send an email message with my digital id correct? Show quoteHide quote "Ed Crowley [MVP]" wrote: > The KB article you're referring to covers the requirement to install the > trusted root certificate, i.e., Verisign's certificate on the Exchange > server used for OWA. You are correct that you do not install the sender's > individual certificate on the Exchange server. > -- > Ed Crowley MVP > "There are seldom good technological solutions to behavioral problems." > .. > > "Lance" <La***@discussions.microsoft.com> wrote in message > news:B8B7BB16-4CFF-411A-9E9F-AE8B9AEE8FBC@microsoft.com... > >I am having problems trying to send an email that is digitally signed with > >a > > Verisign digital id. I have this working fine through Outlook but want the > > option to do it through OWA too. I get the following error message "You > > are > > attempting to sign the message with an invalid digital ID. The certificate > > chain that contains the digital ID was not created properly. Try sending > > without a digital signature." If I send with out it works fine. I tried > > following the instructions in http://support.microsoft.com/kb/927463 but > > am > > having a hell of a time find the id I need to use. I talked with Verisign > > and > > they told me this > > > > "Ok, so what you can do on the Exchange end is actually install your > > Digital > > ID Certificate on the server. The certificate we send already has the > > complete chain. However if you only have the certificate installed on your > > browser and your machine locally, the Exchange server cannot read the > > certificate. Therefore to properly encrypt an email using OWA, your > > Digital > > Certificate must be installed on the server." > > > > But according to the KB Article I shouldn't need to do that. I couldn't > > imagine having to do that in an enterprise with a couple of hundred let > > alone > > thousand users. Any assistance would greatly be appreciated. > > > > Thanks > > Lance > > > I don't know if that's all you need.
-- Show quoteHide quoteEd Crowley MVP "There are seldom good technological solutions to behavioral problems." .. "Lance" <La***@discussions.microsoft.com> wrote in message news:4F4254CF-5551-4E42-8C22-00F198F056B5@microsoft.com... > When I figure out Verisigns certificate that I need to install on the > server > I should be able to send an email message with my digital id correct? > > "Ed Crowley [MVP]" wrote: > >> The KB article you're referring to covers the requirement to install the >> trusted root certificate, i.e., Verisign's certificate on the Exchange >> server used for OWA. You are correct that you do not install the >> sender's >> individual certificate on the Exchange server. >> -- >> Ed Crowley MVP >> "There are seldom good technological solutions to behavioral problems." >> .. >> >> "Lance" <La***@discussions.microsoft.com> wrote in message >> news:B8B7BB16-4CFF-411A-9E9F-AE8B9AEE8FBC@microsoft.com... >> >I am having problems trying to send an email that is digitally signed >> >with >> >a >> > Verisign digital id. I have this working fine through Outlook but want >> > the >> > option to do it through OWA too. I get the following error message "You >> > are >> > attempting to sign the message with an invalid digital ID. The >> > certificate >> > chain that contains the digital ID was not created properly. Try >> > sending >> > without a digital signature." If I send with out it works fine. I tried >> > following the instructions in http://support.microsoft.com/kb/927463 >> > but >> > am >> > having a hell of a time find the id I need to use. I talked with >> > Verisign >> > and >> > they told me this >> > >> > "Ok, so what you can do on the Exchange end is actually install your >> > Digital >> > ID Certificate on the server. The certificate we send already has the >> > complete chain. However if you only have the certificate installed on >> > your >> > browser and your machine locally, the Exchange server cannot read the >> > certificate. Therefore to properly encrypt an email using OWA, your >> > Digital >> > Certificate must be installed on the server." >> > >> > But according to the KB Article I shouldn't need to do that. I couldn't >> > imagine having to do that in an enterprise with a couple of hundred let >> > alone >> > thousand users. Any assistance would greatly be appreciated. >> > >> > Thanks >> > Lance >> >> >> Is there a good how to on how people secure their email communications with
digital ids that use OWA? Show quoteHide quote "Ed Crowley [MVP]" wrote: > I don't know if that's all you need. > -- > Ed Crowley MVP > "There are seldom good technological solutions to behavioral problems." > .. > > "Lance" <La***@discussions.microsoft.com> wrote in message > news:4F4254CF-5551-4E42-8C22-00F198F056B5@microsoft.com... > > When I figure out Verisigns certificate that I need to install on the > > server > > I should be able to send an email message with my digital id correct? > > > > "Ed Crowley [MVP]" wrote: > > > >> The KB article you're referring to covers the requirement to install the > >> trusted root certificate, i.e., Verisign's certificate on the Exchange > >> server used for OWA. You are correct that you do not install the > >> sender's > >> individual certificate on the Exchange server. > >> -- > >> Ed Crowley MVP > >> "There are seldom good technological solutions to behavioral problems." > >> .. > >> > >> "Lance" <La***@discussions.microsoft.com> wrote in message > >> news:B8B7BB16-4CFF-411A-9E9F-AE8B9AEE8FBC@microsoft.com... > >> >I am having problems trying to send an email that is digitally signed > >> >with > >> >a > >> > Verisign digital id. I have this working fine through Outlook but want > >> > the > >> > option to do it through OWA too. I get the following error message "You > >> > are > >> > attempting to sign the message with an invalid digital ID. The > >> > certificate > >> > chain that contains the digital ID was not created properly. Try > >> > sending > >> > without a digital signature." If I send with out it works fine. I tried > >> > following the instructions in http://support.microsoft.com/kb/927463 > >> > but > >> > am > >> > having a hell of a time find the id I need to use. I talked with > >> > Verisign > >> > and > >> > they told me this > >> > > >> > "Ok, so what you can do on the Exchange end is actually install your > >> > Digital > >> > ID Certificate on the server. The certificate we send already has the > >> > complete chain. However if you only have the certificate installed on > >> > your > >> > browser and your machine locally, the Exchange server cannot read the > >> > certificate. Therefore to properly encrypt an email using OWA, your > >> > Digital > >> > Certificate must be installed on the server." > >> > > >> > But according to the KB Article I shouldn't need to do that. I couldn't > >> > imagine having to do that in an enterprise with a couple of hundred let > >> > alone > >> > thousand users. Any assistance would greatly be appreciated. > >> > > >> > Thanks > >> > Lance > >> > >> > >> > > > What do you mean by secure? If you require HTTPS, then all transmissions
between IE and Exchange are encrypted. Beyond that, there are probably all sorts of things you can do, none of which are native to Exchange. -- Show quoteHide quoteEd Crowley MVP "There are seldom good technological solutions to behavioral problems." .. "Lance" <La***@discussions.microsoft.com> wrote in message news:EA27D578-1CD3-4277-9DED-7DA24255540C@microsoft.com... > Is there a good how to on how people secure their email communications > with > digital ids that use OWA? > > "Ed Crowley [MVP]" wrote: > >> I don't know if that's all you need. >> -- >> Ed Crowley MVP >> "There are seldom good technological solutions to behavioral problems." >> .. >> >> "Lance" <La***@discussions.microsoft.com> wrote in message >> news:4F4254CF-5551-4E42-8C22-00F198F056B5@microsoft.com... >> > When I figure out Verisigns certificate that I need to install on the >> > server >> > I should be able to send an email message with my digital id correct? >> > >> > "Ed Crowley [MVP]" wrote: >> > >> >> The KB article you're referring to covers the requirement to install >> >> the >> >> trusted root certificate, i.e., Verisign's certificate on the Exchange >> >> server used for OWA. You are correct that you do not install the >> >> sender's >> >> individual certificate on the Exchange server. >> >> -- >> >> Ed Crowley MVP >> >> "There are seldom good technological solutions to behavioral >> >> problems." >> >> .. >> >> >> >> "Lance" <La***@discussions.microsoft.com> wrote in message >> >> news:B8B7BB16-4CFF-411A-9E9F-AE8B9AEE8FBC@microsoft.com... >> >> >I am having problems trying to send an email that is digitally signed >> >> >with >> >> >a >> >> > Verisign digital id. I have this working fine through Outlook but >> >> > want >> >> > the >> >> > option to do it through OWA too. I get the following error message >> >> > "You >> >> > are >> >> > attempting to sign the message with an invalid digital ID. The >> >> > certificate >> >> > chain that contains the digital ID was not created properly. Try >> >> > sending >> >> > without a digital signature." If I send with out it works fine. I >> >> > tried >> >> > following the instructions in http://support.microsoft.com/kb/927463 >> >> > but >> >> > am >> >> > having a hell of a time find the id I need to use. I talked with >> >> > Verisign >> >> > and >> >> > they told me this >> >> > >> >> > "Ok, so what you can do on the Exchange end is actually install your >> >> > Digital >> >> > ID Certificate on the server. The certificate we send already has >> >> > the >> >> > complete chain. However if you only have the certificate installed >> >> > on >> >> > your >> >> > browser and your machine locally, the Exchange server cannot read >> >> > the >> >> > certificate. Therefore to properly encrypt an email using OWA, your >> >> > Digital >> >> > Certificate must be installed on the server." >> >> > >> >> > But according to the KB Article I shouldn't need to do that. I >> >> > couldn't >> >> > imagine having to do that in an enterprise with a couple of hundred >> >> > let >> >> > alone >> >> > thousand users. Any assistance would greatly be appreciated. >> >> > >> >> > Thanks >> >> > Lance >> >> >> >> >> >> >> >> >>  
Thread options
Other interesting topics
Not able to route smtp outboud traffice from exch 2003 server via
Exch 2K d:/M: drive fills up, contracts and fills up (over and ove Ignore an SMTP address in the domain Re: Exchange 2007 & AD2008 Topology preparation, a little confused body of email message gets converted to txt attachement Ex2007 sp1 Internal OWA problem - need help Attachments in OWA - WP Save Email to disk folders depending on Subject possible ? Question regarding Outlook connecting to Exchange using HTTP Does exmerge still have 2G limit for Exchange 2003? |
|||||||||||||||||||||||
