Know How To Secure Client Server and Server-Server Network in Exchange Server

 

Exchange Server is known to provide a notably secure emailing environment. It provides a high degree of security to client server and server – server network for a reliable communication with the help of SSL Certificates. These certificates are used for securing the protocols such as POP, IMAP, HTTP and SMTP. From the very instance of being installation, Exchange Server is secured by default by configuring with the self signed SSL Certificates.

What Is SSL Certificate?

SSL is the acronym for Secure Socket Layer which is an encryption technology introduced by Netscape. SSL facilitates an encrypted connection and transactions between the server and the web browser in a bid to prevent unauthorized and unintended audiences from gaining access to the data. However, in order to enable the SSL on the website, an SSL Certificate, that will identify one or both the ends of the transactions, is required to be installed on the server. The SSL Certificate makes sure that any information you enter on the website is protected and visible only to the organization that owns that website.

How Do SSL Certificates Work?

SSL Certificates are the data files that attach a cryptographic key to the details of an organization. When these are installed on the web browser, they activate padlock and http protocol. This is how they work:

• The browser requests for a secure http page.
• Web server then sends its public encryption key along with the certificate.
• The web browser makes sure that the certificate is authentic and issued by trusted Certificate Authority.
• Browser makes use of the public key to send the symmetric encryption key along with the encrypted URL and http data to the server.
• Now the server uses its private key to decrypt the encrypted URL and the http data.
• The requested html document and the http data encrypted with the symmetric encryption key are sent back by the web browser.
• The web browser then decrypts the http data and html document and displays the information.

SSL Certificate For Exchange Server 2013:

SSL Certificate used by Exchange Server 2013, for securing the client server and server – server network, is popularly known as Subject Alternate Name (SAN) certificate.  It is the SSL Certificate having multiple server or domain names on one. This suggests that a single certificate can be used to provide a secure environment to more than one Exchange 2013 servers. Hence, instead of providing a single SSL Certificate for each server name, a single SAN Certificate can include all the server names and the URLs to be used in Exchange.

There are certain mandatory requirements that need to be fulfilled by an SSL Certificate for a reliable working with the Exchange 2013 environment.

Validity Period:

Every SSL Certificate has an expiry date. The time period between the date of issuing and the expiry date is referred to as the validity period which in case of the default, self signed Exchange Server 2013 certificate is five years.

Authentic Certificate Authority:

In order to make the SSL Certificate trusted by the client, it is necessary that the certificate be issued by a certificate authority that is widely trusted. However, this trust issue applies only to the certificates that are installed on to a dedicated Client Access Server. The self signed certificates that do not accept the direct client connections can be used by Mailbox Server.