donot want security alert to be prompt every time users connect to my Outlook web Access server. - Inetserver

You need to configure the Server Certificate for SSL with one that the
client trusts.

For security reasons, the server certificate cannot be automatically
accepted by the client without any alert. You can certainly have the client
manually download the CA cert signing the server's certificate -- but once
again, it cannot be done automatically.

Easiest way to do this correctly is to have the Server Certificate signed by
a CA certificate that the client trusts. This usually happens for any
purchased certificates, or if you control the client, server, and a mutually
trusted certificate authority.

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Saket Badola" <saki_cisco@yahoo.com> wrote in message
news:c4bec339.0408120253.5b0742d3@posting.google.com...
Hi,

I have configured OWA with SSL enabled. IIS is 5.0.

Everything is working fine. But when open OWA site it give me a
Security Alert

"Information you exchange with is site cannot be viewed or changed by
others. However, ther is a problem with the site security
certificate.......

Do you want to proceed? "

and it give three option Yes , No or View Certificate.

I donot want this security alert to be prompted every time i connect
to this site.

Cannot the certificate be accepted by the client without any alert?

Or the Certificate be download (imported) to the client so that it is
not prompt again.

Regrads
Saket

Thanks for the solution.
Do you have any link on how to configure the Server Certificate for
SSL with one that the client trusts using microsoft certificate
server.

-Saket

"David Wang [Msft]" <someone@online.microsoft.com> wrote in message news:<#XpOnv#hEHA.2624@TK2MSFTNGP12.phx.gbl>...
> You need to configure the Server Certificate for SSL with one that the
> client trusts.
>
> For security reasons, the server certificate cannot be automatically
> accepted by the client without any alert. You can certainly have the client
> manually download the CA cert signing the server's certificate -- but once
> again, it cannot be done automatically.
>
> Easiest way to do this correctly is to have the Server Certificate signed by
> a CA certificate that the client trusts. This usually happens for any
> purchased certificates, or if you control the client, server, and a mutually
> trusted certificate authority.
>
> --
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no rights.
> //
> "Saket Badola" <saki_cisco@yahoo.com> wrote in message
> news:c4bec339.0408120253.5b0742d3@posting.google.com...
> Hi,
>
> I have configured OWA with SSL enabled. IIS is 5.0.
>
> Everything is working fine. But when open OWA site it give me a
> Security Alert
>
> "Information you exchange with is site cannot be viewed or changed by
> others. However, ther is a problem with the site security
> certificate.......
>
> Do you want to proceed? "
>
> and it give three option Yes , No or View Certificate.
>
> I donot want this security alert to be prompted every time i connect
> to this site.
>
> Cannot the certificate be accepted by the client without any alert?
>
> Or the Certificate be download (imported) to the client so that it is
> not prompt again.
>
> Regrads
> Saket

I don't have a link handy, but I suggest you search the web a little bit; I
bet tons of people have already figured out your common scenario.

On the client machines, you import the CA that signed the server's
certificate.

Browsers come pre-loaded with a set of commercial CAs so that the
certificates issued by those companies are automatically trusted. All you
need to do is on each client machine, import the CA that signed YOUR
server's certificate (in effect, making your CA's certificate as trusted as
the pre-loaded set of commercial CAs).

I've seen Group Policy used to distribute those certificates, and running
scripts on the clients can also install the certificates. There's nothing
related to Microsoft Certificate Server in those actions -- Certificate
Server hands out certificates, not install them on clients (once again, a
server cannot install certificates on the clients for security reasons).

There's no magic nor shortcuts allowed here -- this is just how security
works with Certificates.

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Saket Badola" <saki_cisco@yahoo.com> wrote in message
news:c4bec339.0409060331.15825490@posting.google.com...
Thanks for the solution.
Do you have any link on how to configure the Server Certificate for
SSL with one that the client trusts using microsoft certificate
server.

-Saket

"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:<#XpOnv#hEHA.2624@TK2MSFTNGP12.phx.gbl>...
> You need to configure the Server Certificate for SSL with one that the
> client trusts.
>
> For security reasons, the server certificate cannot be automatically
> accepted by the client without any alert. You can certainly have the
client
> manually download the CA cert signing the server's certificate -- but once
> again, it cannot be done automatically.
>
> Easiest way to do this correctly is to have the Server Certificate signed
by
> a CA certificate that the client trusts. This usually happens for any
> purchased certificates, or if you control the client, server, and a
mutually
> trusted certificate authority.
>
> --
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "Saket Badola" <saki_cisco@yahoo.com> wrote in message
> news:c4bec339.0408120253.5b0742d3@posting.google.com...
> Hi,
>
> I have configured OWA with SSL enabled. IIS is 5.0.
>
> Everything is working fine. But when open OWA site it give me a
> Security Alert
>
> "Information you exchange with is site cannot be viewed or changed by
> others. However, ther is a problem with the site security
> certificate.......
>
> Do you want to proceed? "
>
> and it give three option Yes , No or View Certificate.
>
> I donot want this security alert to be prompted every time i connect
> to this site.
>
> Cannot the certificate be accepted by the client without any alert?
>
> Or the Certificate be download (imported) to the client so that it is
> not prompt again.
>
> Regrads
> Saket