Linux to Exchange 2013 port 80 443


#1

Hi,
I got Ms Exchange 2013 and have port 80 open for other things than Exchange and I cannot auth the domain, howerver I got a Debian Server on port 80 and Apache 2.x.

Is there a guide on how to create the cert on Debiab/Linux and move it to Ms Exchange 2013 (I can move it to a cifs share so I can pick it up with powershell)

Regards
Marcus


#2

Anyone that can point me in right directions?


#3

Hello @trexen

So lets do this

A) There are 3 challenge types - are you aware of all 3?
B) Why are you not able to create a subfolder on your exchange server to verify HTTP-01 challenge?
C) Have you read any guides? How are you planning this thing out?
D) Can you share domain names? Or is it all hush hush for now?

Andrei


#4

A) not shurewhat you ment
B) Im able but I don’t have port 80 open to that server, only 443
C) yes I have, I tried the scripts etc but the problem is port 80
D) that’s no hush hush =) sitetech.se

I point a debian apache at port 80 so i think that’s the way to go, agree?

Thanks /M


#5

You could use Certbot on Linux:

There is lots of information out there on converting PEM-formatted certs to PFX and I’m sure people can help you if you run into trouble with that.

I think @ahaw021’s point is that there are also ways of getting a certificate without using a connection to port 80; in particular, you can also get a certificate if you can update entries in your domain’s DNS zone file, using a different authentication method. So it might also be possible to run some kind of Let’s Encrypt client directly on your Windows server, instead of on your Debian server, if you have the ability to make DNS changes manually or through a DNS provider API.


#6

If you use Certbot, you’ll want to use certbot certonly --standalone --preferred-challenges http-01 -d example.com if you aren’t running a web server at all under Debian, and certbot certonly --webroot -w /var/www/html -d example.com (substituting the location where your web server is serving files from for /var/www/html, and your domain name for example.com).


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.