How do I deploy a public-key infrastructure (PKI) for Exchange 2003?
I have a front-end and a back-end server both using Exchange Server 2003 and an Active Directory server. What is the best method to deploy a public-key infrastructure (PKI) for Exchange Server 2003?

Software/Hardware used:
ASKED: February 8, 2008  10:31 PM
UPDATED: September 4, 2008  8:04 PM

Answer Wiki:
First you need to tell us what you'll be using it for. If you want to encrypted/authenticated email, you'll need to personal mail certificates. For a small org, no management is really necessary and you can get <a href="http://www.thawte.com/secure-email/personal-email-certificates/index.html">free </a> public ones , but for a large one, you'll either want to do it with Verisign or deploy your own PKI and enroll/publish the certs in AD with a GPO automatically. If you want secure client server communication, public certs like the one from Verisign are the best. You won't have any problems with your Windows Mobile or other devices. You need to publish these on your Front End servers. For more detailed info, reply Having set up a number of servers for PKI , I have found that the Microsoft Technet site is an encyclopedia of information for setting up M/S 2003servers and utilizing the M/S PKI services . Also check with your Certificate Authority to find out any recommendations they might have. Hope this helps! "K" =================== See my <a href="http://itknowledgeexchange.techtarget.com/it-trenches/certificates-who-do-you-trust/">blog on certificates</a> for additional considerations.
Last Wiki Answer Submitted:  September 4, 2008  8:04 pm  by  Uscgcwo4   265 pts.
All Answer Wiki Contributors:  Uscgcwo4   265 pts. , Xanader   395 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _