Sharing of thoughts and information is what blogging is all about. This way we can learn from each other. Post A Comment!These postings are provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.
Anthony Bartolo Twitter | LinkedIn
Pierre Roman Twitter | LinkedIn
Last week Rick and I were in Vancouver for the My TechNet Security tour and again we had some great questions again. One of the SMS questions that came in had to do with deploying your self signed Root CA via Active Directory. When using an internal CA you'll have to deploy your Root CA as a trusted root to prevent those SSL warnings from appearing. You can read the how-to on deploying your Root CA via AD at the following location.
Best Practices for Implementing a Microsoft Windows Server 2003 Public Key Infrastructure
You can also go one step further with SSL with IE7 and leverage SSL Validation (aka the green address bar in IE7).
Improving SSL: Extended Validation (EV) SSL Certificates
One correction I wanted to make was that I had mentioned you can get a trusted SSL certificate from GoDaddy.com for $29, it is actually only $19.99USD. I use a GoDaddy certificate thelazyadmin.com and on our SBS server for OWA and it is well worth the $20 for the simplicity over deploying and managing Root CAs. They even sell EV-SSL certificates although they cost a little more than $20 :) https://www.godaddy.com/gdshop/ssl/ssl.asp?ci=9039
Some sites, podcast and vidcast have promo codes for GoDaddy so you can add 10% off that SSL certificate order.
Disclaimer: I am not a GoDaddy Employee whatsoever just thought some Canadian IT Pro would like the combined saving of the loonie + 10%