Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
355
Views
0
Helpful
4
Replies

CUPS 6.0(4) Calendaring - Newbie Q

Go to solution
neilobrien
Level 1
Level 1

‎07-12-2009 11:06 AM - edited ‎03-18-2019 11:20 PM

Hi there,

From the Cisco docs that I can find that explains the procedure for setting up the Outlook integration with Presence, all of them describe setting up a certificate authority and creating a cert to be installed onto the presence server. This cert is then also installed into the exchange server so both the presence server and exchange server talk SSL.

The problem I think we have here is that our exchange servers already have external SSL certs installed. The certs are called webmail.<domain>.com to match the external DNS name that people use for OWA. The Cisco docs describe installing the cert into the Default Website of IIS on the exchange server, but this is where the other cert is, and you can't have two.

The only workaround I can think of is to set up an internal DNS record pointing webmail.<domain>.com at the internal IP address of the exchange server. Although this is not ideal, we'll do it if that's what needs to be done. I'm just wondering if that's the Cisco way??

Any help/advise greatly appreciated,

Thanks in advance,

Neil

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
htluo
Level 9
Level 9
In response to neilobrien

‎07-13-2009 07:19 AM

There are two solutions:

#1 Create an internal dns record to point the external name to the internal ip address.

#2 You may get a certificate with "alternative name" attribute in it. You may put your internal name as "alternative name".

Michael

View solution in original post

0 Helpful
4 Replies 4

Go to solution
htluo
Level 9
Level 9

‎07-13-2009 06:33 AM

The whole purpose of the certificate is to set up SSL connection between CUPS and Exchange.

The certificate on Exchange (IIS) could be 3rd-party signed cert. It could also be local CA signed cert or self-signed cert.

Michael

http://htluo.blogspot.com

0 Helpful

Go to solution
neilobrien
Level 1
Level 1
In response to htluo

‎07-13-2009 06:39 AM

Hi Michael,

thanks for the reply.

the cert is a 3rd party cert, the name of it matches the external name of the server - webmail..com.

My CUPS server is on the inside of the network, if I point the CUPS at the internal name of the server, the cert name is not going to match. If I point teh CUPS at the external name of the server, it will resolve to the public IP, therefore sending it out to the internet in order to come back in.

So do I just create an internal dns record to point the external name to the internal ip address?? Doesn't seem right to me??

Thanks again,

Neil

0 Helpful

Go to solution
htluo
Level 9
Level 9
In response to neilobrien

‎07-13-2009 07:19 AM

There are two solutions:

#1 Create an internal dns record to point the external name to the internal ip address.

#2 You may get a certificate with "alternative name" attribute in it. You may put your internal name as "alternative name".

Michael

0 Helpful

Go to solution
neilobrien
Level 1
Level 1
In response to htluo

‎07-13-2009 08:11 AM

thanks Michael.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents