Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 5 subscribers
  • Views 6991 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

EAS Proxy Exchange Certificate

MDMUser

Hello everyone,

we plan to change the IIS certificate on our Exchange server to one that is signed by our corporate PKI. What do we need to do in order to make sure that Sophos SMC's EAS Proxy accepts that certificate?

- Is importing the root-certificate to the trusted root store of the Windows server Sophos SMC runs on enough?

- Does Sophos SMC's EAS Proxy perform revocation checking?

Thanks and best regards,

Steven

:52465


This thread was automatically locked due to age.
Parents
  • 0

    Hi Steven,

    the SMC EAS Proxy itself does not check the revocation list.

    I am not sure if the used Java components do that automatically.

    If you have changed the certificate of your Exchange server, you have to run the SMC Configuration Wizard and run through the EAS Proxy configuraiton again.

    This way, the new certificate will be imported to the java certificate store as it does not access the Windows certificate store.

    Hope this helps.

    Cheers

    Stefan

    :52551
Reply
  • 0

    Hi Steven,

    the SMC EAS Proxy itself does not check the revocation list.

    I am not sure if the used Java components do that automatically.

    If you have changed the certificate of your Exchange server, you have to run the SMC Configuration Wizard and run through the EAS Proxy configuraiton again.

    This way, the new certificate will be imported to the java certificate store as it does not access the Windows certificate store.

    Hope this helps.

    Cheers

    Stefan

    :52551
Children
No Data
Unfiltered HTML