godaddy certificate - generating certs

[snootalope]

I don't even know if this is possible, hopefully someone can set me straight here.

I need a trusted certificate for my exchange 2003 box, so that my windows mobile devices can sync with it WITHOUT having to install a self-signed cert from my internal domain CA. To much of a pain to keep up with all the phones we have.

Also, I need to be able to issue user requests to the ca to get a self-signed user cert so the users can send signed messages to external recipients, and eventually send encrypted messages with Exchange.

Those are my two goals, and I'm thinking getting a godaddy cert that verifies "domain control & identity" onto our internal CA, so that it can issue digital ID's to our internal users. And at the same time, I need to be able to put this or another godaddy cert on our exchange so i don't have to use a cert from our internal CA.

I sure hope this makes sense to someone on here, cause I'm going in circles!!!

Thanks for any help..

 

[ITPangaeaArchitect]

youre going to have to configure the subject name on the server auth cert from godaddy to match the servername (subject) being requested by the outlook client on the mobile devices, if it doesnt have this already. Be advised that most public cert providers use UNIX based CAs that are not capable of creating certificates with the same extensions that are expected by many MS applications. A good example is subject laternative name, which has different extension names depending on whether or not is was issued from a MS CA, or a UNIX based CA...one does not recognize the other basically...
You need to generate the request from one of your exchange front end servers, I suggest manually with an INF, and the private key needs to be exportable

- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (

http://it-pangaea.com)