No announcement yet.

Changing password without SSL certificate

  • Filter
  • Time
  • Show
Clear All
new posts

  • Changing password without SSL certificate

    Hi all,

    I have one Exchage 2003 running my organization.
    Problem comes when I enable change password option of Exchange 2003 for my personal id. It added one option of change password in my OWA's options tab.

    But when i click on change password link, it redirects me to

    The problem is that I am not having ssl certificate purchased from online authority like I dont want to purchase ssl just to allow users to change their password.

    In this case, what should i do?
    May i generate a certificate on my exchange server ?
    Any other suggestions ?

    I checked following links :

    Please suggest.


  • #2
    Re: Changing password without SSL certificate

    There are a few ways to generate your own SSL certificates without paying to buy one. These methods are listed and explained here on this website and I have used or tested them successfully.

    Search for SSL on this site, then read the various articles explaining the subject.


    • #3
      Re: Changing password without SSL certificate

      hi rderby,

      Thnx for your reply.

      I searched for ssl and got 10 pages of results.
      I searched on 10-15 pages but everywhere i got only question not answer.

      Though i am trying, If you can provide me link, it will be very nice of u.

      Thnx in advance.



      • #4
        Re: Changing password without SSL certificate

        hey man,

        Got the links...
        Thnx for help...

        Creating own SSL certificate to work with OWA.

        Using Free 3rd party SSL certificate to work with OWA.



        • #5
          Re: Changing password without SSL certificate

          To creat your OWN Certificate authority start with:
          How can I install the Certificate Authority (CA) service in Windows Server 2003?

          How do I obtain a Digital Certificate from my Certificate Authority (CA)?

          also look at:
          How can I configure e-mail and message security in Exchange Server 2003?

          You can find out more about free PERSONAL certs at:
          How do I obtain a Digital Certificate from a 3rd party Certificate Authority (CA)?

          That one is ONLY for personal certificates, and you have to go through an in-person screening to get your Thawte Freemail certificate upgraded to indicate your own email address. I am one of the "notaries" for Thawte, and NO you can not do it over the internet. You MUST appear in person before a "Notary."

          Note that installing your own Root CA will allow you to create a root authority and generate your own personal and server certificates, but for an outside party it will be an untrueted source unless you get them to install YOUR root certificate as a trusted root authority in their Certificate store. Your certificates can NOT be traced all the way back to a Certificate Authority that has been recognized (or installed in all new PCs and Servers) by Microsoft.

          There is also a tool from Microsoft called MakeCert ( that allows you to create a "self-signed" certificate. I have not tried this yet so I don't know what the limitations might be for you. If you read the MSDN article and try it, you may find it suits your needs.

          I remember the utility Makecert.exe being discussed in a previous Petri article, I don't find it now.

          Basically, if you have control over most or all of the devices which will connect to your servers, you can make your own certificates without paying through the nose. However, if you want the world at large to be able to connect securely to your servers and the world at large is not willing to download and install your Root CA chain, then you will need to break out your wallet and pay.


          • #6
            Re: Changing password without SSL certificate

            Or you could follow the excellent advice of Sembee & Daniel (posts 6 & 7) and get a cheap SSL certificate from GoDaddy. That is one of the next things on my list at those prices.
            Last edited by biggles77; 30th September 2006, 20:44.
            1 1 was a racehorse.
            2 2 was 1 2.
            1 1 1 1 race 1 day,
            2 2 1 1 2