My TechNet Q&A from Winnipeg
The My TechNet Security tour is officially underway with the first stop in Winnipeg complete. As you are aware if you've ever attended an event we always have time for Q&A at the end of the day and there were a lot of good questions. All were answered but I did promise some resources with the how-to information. There are demos on implementing SSL, Forms Based Authentication on Exchange and on ISA and one of the questions was what customizations were possible. The good news was a lot and how?
Customizing Outlook Web Access 2000
Customizing Outlook Web Access 2003
Microsoft Support Policy for OWA Customizations
Customizing the OWA FBA Logon Page
Customizing the ISA FBA Logon Page
I also mentioned a tool you can use for testing SSL which allows you to create self signed certificates. This tool will create and install the certificate and can be used to encrypt the traffic. It is part of the IIS 6.0 Resource Kit.
There are some other connections that can be secured with SSL including RDP and Virtual Server 2005 R2 with certificates from trusted roots (i.e. Go Daddy, VeriSign, Thawte) or with self signed certs. I wrote a few articles at www.thelazyadmin.com a few years ago which outline how to do this.
Configure RDP over SSL with SelfSSL
Configure SSL for Virtual Server with SelfSSL
Just remember that using a self signed certificate will work as far as encrypting the traffic but is not an effective method of validating the server you are connecting too!