Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation.

How To Configure Exchange Server 2003 OWA to Use S/MIME


Summary

This article discusses how to configure the Exchange Server 2003 version of Microsoft Outlook Web Access (OWA) to permit users to digitally sign and encrypt e-mail messages by using the new OWA Secure/Multipurpose Internet Mail Extension (S/MIME) control. The S/MIME control works in conjunction with public key infrastructure (PKI) technology to provide signing and encryption functionality.

Note This article assumes a solid understanding of cryptography and PKI technology. For more information about cryptography and Windows PKI, visit the following Microsoft Web site:

How to Install Windows Server 2003 Certification Authority

The standard User certificate template that is included with Windows Server 2003 Certificate Services supports message signing and message encryption for the OWA S/MIME control. If you want to require separate certificates for signing and encryption, you must create two new templates: one template for signing and one template for encryption.

Note After the certification authority (CA) component is installed, certificates are issued automatically upon request unless the certificate template is modified to require an administrator to grant the certificate. Therefore, user certificates are issued without an administrator's approval.

How to Request a Certificate


To request a user certificate, follow these steps:
  1. On the client computer, start Microsoft Internet Explorer.
  2. On the Address bar, type the following text (where CertificateServer is the name of the server that is running Certificate Services), and then click Go:
    http://CertificateServer/certsrv
  3. If you are prompted to, type your authentication credentials, click Request a certificate, and then click Next.
  4. On the Choose Request Type page, click User Certificate, and then click Next.
  5. On the User Certificate - Identifying Information page, click Submit.
  6. On the Certificate Issued page, click Install this certificate.
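
To confirm that the certificate installed in step 6 is usable for both signing and encryption, the following added example (not part of the original KB article) performs a read-only audit of the current user's Personal store. It assumes Windows PowerShell 3.0 or later on the client; the function name Test-SmimeCertificate is hypothetical.

```powershell
# Added example (not from the KB article): read-only audit of the signed-in
# user's Personal store for certificates an S/MIME client can use.
$EmailProtectionOid = '1.3.6.1.5.5.7.3.4'   # "Secure Email" enhanced key usage
$KuFlags     = [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]
$SignMask    = [int]$KuFlags::DigitalSignature -bor [int]$KuFlags::NonRepudiation
$EncryptMask = [int]$KuFlags::KeyEncipherment  -bor [int]$KuFlags::KeyAgreement

function Test-SmimeCertificate {   # hypothetical helper name
    param([System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate)

    $ku = $Certificate.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension] }
    $eku = $Certificate.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }

    # A certificate without a key usage extension is not restricted to any
    # operation; one without an EKU extension is valid for all purposes.
    $canSign    = (-not $ku) -or (([int]$ku.KeyUsages -band $SignMask) -ne 0)
    $canEncrypt = (-not $ku) -or (([int]$ku.KeyUsages -band $EncryptMask) -ne 0)
    $emailOk    = (-not $eku) -or
        (($eku.EnhancedKeyUsages | ForEach-Object { $_.Value }) -contains $EmailProtectionOid)

    $now = Get-Date
    [pscustomobject]@{
        Subject       = $Certificate.Subject
        Thumbprint    = $Certificate.Thumbprint
        # Signing and decryption both need the private key on this computer.
        HasPrivateKey = $Certificate.HasPrivateKey
        InValidity    = ($now -ge $Certificate.NotBefore) -and ($now -le $Certificate.NotAfter)
        SecureEmail   = $emailOk
        CanSign       = $canSign
        CanEncrypt    = $canEncrypt
    }
}

Get-ChildItem Cert:\CurrentUser\My |
    ForEach-Object { Test-SmimeCertificate -Certificate $_ } |
    Format-Table -AutoSize
```

A certificate from the standard User template should report True in every column; with separate signing and encryption templates, expect two rows that split CanSign and CanEncrypt between them.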

How to Install the OWA S/MIME Control

To install the OWA S/MIME control on the client computer, follow these steps:
  1. On a Windows 2000-or-later-based client computer that is running Internet Explorer 6.0 or later, log on to OWA.
  2. In the OWA Navigation pane, click Options.
  3. Under E-mail Security, click Download.

    Note If you receive a Security Warning dialog box, click Yes.
  4. Under E-mail Security, click to select the Encrypt contents and attachments for outgoing messages check box if you want encryption enabled by default when you compose a message.
  5. Under E-mail Security, click to select the check box for the recipient of the signed message. The message should be digitally signed by the sender.

How to Test Encryption and Signing

To send an encrypted message, follow these steps:
  1. In OWA, click New.
  2. Compose a message.

    Note The sender must have the recipient's public key to encrypt the message contents. Therefore the recipient must have already enrolled with Certificate Services.
  3. On the toolbar, click Add digital signature to this message.
  4. Click Send.
  5. Verify that the message is encrypted and viewable only by the recipient on a computer that has the recipient's encryption certificate installed.


Keywords: KB823568, kbhowtomaster, kbtshoot

Article Info
Article ID : 823568
Revision : 9
Created on : 10/25/2007
Published on : 10/25/2007