2 Examining SSL encryption for OWA traffic.
318 CHAPTER 12 Securing Outlook Web Access (OWA) Traffic
say they are, and to generate the digital certificates that validate this for digital communications
that require encryption, such as SSL.
For example, if CompanyABC wishes to create a certificate to install on its OWA server, it
sends the certificate request to the third-party certificate authority (CA), who then follows
up by researching the company, calling the CompanyABC employees, and conducting
interviews to determine the validity of the organization. Based on the information
obtained from this process, the third-party CA then encrypts the certificate and sends it
back to CompanyABC, which then installs it on its server.
Because the third-party CA is registered on nearly all the web browsers (the most common
ones always are), the client automatically trusts the CA and, subsequently, trusts the
certificate generated by CompanyABC. It is because of this seamless integration with the
majority of the world??™s browsers that third-party enterprise CAs are commonly utilized.
Internal certificate authorities, built and maintained by the internal IT branch of an organization,
are more cost effective.
Pages:
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530