My TechNet Q&A – Vancouver

Last week Rick and I were in Vancouver for the My TechNet Security tour and again we had some great questions again.  One of the SMS questions that came in had to do with deploying your self signed Root CA via Active Directory.  When using an internal CA you'll have to deploy your Root CA as a trusted root to prevent those SSL warnings from appearing.  You can read the how-to on deploying your Root CA via AD at the following location.

Best Practices for Implementing a Microsoft Windows Server 2003 Public Key Infrastructure

You can also go one step further with SSL with IE7 and leverage SSL Validation (aka the green address bar in IE7).

Improving SSL: Extended Validation (EV) SSL Certificates

One correction I wanted to make was that I had mentioned you can get a trusted SSL certificate from for $29, it is actually only $19.99USD.  I use a GoDaddy certificate and on our SBS server for OWA and it is well worth the $20 for the simplicity over deploying and managing Root CAs.  They even sell EV-SSL certificates although they cost a little more than $20 🙂

Comments (1)

  1. Louis-Philippe Gauthier says:

    Some sites, podcast and vidcast have promo codes for GoDaddy so you can add 10% off that SSL certificate order.

    Disclaimer: I am not a GoDaddy Employee whatsoever just thought some Canadian IT Pro would like the combined saving of the loonie + 10%

Skip to main content