I'm generally a big believer in the power of a free market. In most market segments, competition between sellers makes things better for the buyer. In the computing industry, look no further than the x86-based hardware that you're probably using to read this email newsletter.
One area in which competition has only recently made its mark is the market for Secure Sockets Layer (SSL) certificates. If you want an SSL certificate, you have basically two choices: You can create your own or you can buy one from a third-party certificate authority (CA). For many applications, a self-issued, self-signed certificate will do fine. For example, many companies use self-signed certificates for signing Microsoft Office macros and protecting intranet Web servers. The potential security risk of clients accessing your Internet-facing services will determine whether you should use self-signed certificates or certificates purchased from an external CA such as Comodo, GoDaddy.com, or VeriSign. The cost of these certificates varies quite a bit; for example, Comodo sells a 128-bit server certificate for $139 per year, whereas a similar certificate from GoDaddy.com costs about $20 per year. The strength of the certificate, its renewal period, and the reputation of the certificate issuer all influence the final price.
Exchange uses certificates in several ways. The most common use, of course, is to protect access to Microsoft Outlook Web Access (OWA). Exchange Server 2003 and earlier releases don't require you to use SSL with OWA, but if you don't use it you're needlessly exposing yourself to the possibility of an attacker stealing credentials to your network. (When you turn on form-based authentication for Exchange 2003, however, SSL is required or the authentication won't work.) You can also use certificates to apply SSL protection for POP, IMAP, and Exchange ActiveSync.
Requesting and installing certificates is fairly straightforward, although it might require more knowledge of the Internet Services Manager for Microsoft IIS than you might voluntarily gain on your own. After you install a certificate and enable it for the Exchange services you want to protect, you're done.
Exchange Server 2007 changes the game significantly because it automatically generates and installs its own set of self-signed certificates. This is a great boon for novice administrators (or lazy ones) because it means that Exchange 2007 OWA is automatically protected from the minute you install the Client Access server role. However, the addition of this new feature introduces several additional wrinkles that you need to know about; I'll cover those in next week's column.
An often irreverent look at some of the week's other news, including a Vista Capable dismissal request, Zune price reductions, Morrow musings, Novell and Microsoft sitting in a tree ... two years later, Yahoo!, IE 6 on Windows Mobile, and so much more ...
Order Your SQL Fundamentals CD Today! Learn how to use SQL Server, understand Office integration techniques and dive into the essentials of SQL Express and Visual Basic with this free SQL Fundamentals CD.
You've Deployed SharePoint...Now What? This one-day free online conference delivers the technical knowledge needed to kick MOSS up a notch. In one information-packed day, independent SharePoint experts will present practical, real-world information and provide take-away, ready-to-use solutions
Don't Miss 3 Introductory PowerShell Lessons! Paul Robichaux equips you with PowerShell basics in 3 introductory lessons, each followed by live Q&A—all on your own computer! Register today!
What Would You Do If You Ran Microsoft? ITTV's 2008 inaugural video contest, "If I Ran Microsoft..." is your chance to tell it like it is. Be goofy or be serious, but don"t miss this chance to have fun, win prizes, and go viral in a major way.
Maximize Your SharePoint Investment This web seminar discusses how true bi-directional replication of SharePoint content from one server to another enables branch offices to maintain access to current SharePoint content.
Register
