locked
OCS 2007 R2 Federation RRS feed

  • Question

  • Hi All,

    Is neccesary deploy Public (Third-Party) Certificate on Edge Server for Federation with other OCS Organizations? or Public (Third-Party) Certificate is just for MSN, AOL?

    Regards.

    Monday, July 13, 2009 9:41 PM

Answers

  • Jose,

    Since you will be using a secure connection between AOL, MSN and Yahoo, they must trust your root certificate authority and you must trust theirs.  The only way to do this is to use a third party certificate on the edge.  For use with other OCS Ogranizations it is not a requirement, but you will have to send them your root CA certificate (from trusted root, not the one with your private key) and vice versa for that to work.  I HIGHLY recommend just using a public cert, the cost is not very high compared to the amount of time you would have to spend working with the other companies to make it work, and the impression it would give.

    Hope this helps!

    -KP
    Kevin Peters MCSE/MCSA/MCTS/CCNA/Security+ blog: www.ocsguy.com
    Monday, July 13, 2009 10:21 PM