Certificate and Authentication Issues
Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.
Applies to: Exchange Server 2007, Exchange Server 2007 SP1
The topics in this section will help you troubleshoot problems that may occur when you work with Transport Layer Security (TLS) certificates and authentication.
Microsoft Exchange Server 2007 uses certificates for much of its transport authentication and encryption functionality. Specifically, various implementations of TLS are used by the Microsoft Exchange Transport service to help secure session communication between transport severs.
By default, the certificates that are used for authentication and encryption for TLS are self-signed certificates.
In all cases, you can replace self-signed certificates with third-party certificates that are generated by your own internal public key infrastructure (PKI) solution.
Certificates are also used for authentication and encryption to help secure communications between a Client Access server and clients.
Before you troubleshoot certificate errors, review the following topics:
The ExchangeCertificate cmdlets under Global Cmdlets
As you read through the troubleshooting topics that are listed below, remember that it is beyond the scope of this documentation to provide a detailed explanation of cryptography and certificate technologies and concepts. Before you deploy any security solution that uses cryptography and digital certificates, we recommend that you understand the basic concepts of trust, authentication, encryption, and public and private key exchange as they relate to cryptography. For more information, see the resources listed at the end of this topic.
For More Information
For more information about cryptography and certificate technologies and concepts, see the following resources:
Housley, Russ and Tim Polk. Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure. New York: John Wiley & Son, Inc., 2001.
Adams, Carlisle and Steve Lloyd. Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition. New York: John Wiley & Son, Inc., 1996.