Certificate and Authentication Issues
Applies to: Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2008-06-11
The topics in this section will help you troubleshoot problems that may occur when you work with Transport Layer Security (TLS) certificates and authentication.
Microsoft Exchange Server 2007 uses certificates for much of its transport authentication and encryption functionality. Specifically, various implementations of TLS are used by the Microsoft Exchange Transport service to help secure session communication between transport severs.
By default, the certificates that are used for authentication and encryption for TLS are self-signed certificates.
In all cases, you can replace self-signed certificates with third-party certificates that are generated by your own internal public key infrastructure (PKI) solution.
Certificates are also used for authentication and encryption to help secure communications between a Client Access server and clients.
Before you troubleshoot certificate errors, review the following topics:
- Understanding SSL for Client Access
- TLS Functionality and Related Terminology in Exchange 2007
- SMTP TLS Certificate Selection
- How to Fix Certificate Validation Errors
The ExchangeCertificate cmdlets under Global Cmdlets
|As you read through the troubleshooting topics that are listed below, remember that it is beyond the scope of this documentation to provide a detailed explanation of cryptography and certificate technologies and concepts. Before you deploy any security solution that uses cryptography and digital certificates, we recommend that you understand the basic concepts of trust, authentication, encryption, and public and private key exchange as they relate to cryptography. For more information, see the resources listed at the end of this topic.|
For more information about cryptography and certificate technologies and concepts, see the following resources:
Housley, Russ and Tim Polk. Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure. New York: John Wiley & Son, Inc., 2001.
Adams, Carlisle and Steve Lloyd. Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition. New York: John Wiley & Son, Inc., 1996.
- Best Practices for Implementing a Microsoft Windows Server 2003 Public Key Infrastructure