Do you and/or your employees check email while connected to public WiFi
networks or at home? Did you know that your user names, passwords and the
email messages are as easy as this web page to read using simple tools that
can be downloaded by anyone? Now you know! There is a simple way to fix
this problem using a secure socket layer (SSL) certificate on your email server.
Most email servers support what is known as TLS encryption and most email
web servers (like Outlook Web Access or OWA) support SSL encryption.
Fortunately, they both can use the exact same certificate on a Microsoft
IIS web server to set up a secure encrypted connection for communication.
This all works in the background. The end-user will just gain the
security without the complication, but you, the server administrator have
a little work to do in order to make this happen.
The first step in securing your server is determining exactly what you
want to secure and to what level. There are so many options
for using each one that you really need to understand the processes used
and how they work. This includes the security level
server resources the security will consume and much more. So, let's begin...
Microsoft IIS needs to support SSL. Out of the box it does not do this,
but by simply going into your server config you can easily add the
Here is the Microsoft Technet article
which explains what you need to do on an IIS 6.0
server. (Applies to: Windows Server 2003)
Here is the Microsoft Technet article
which explains what you need to do on an IIS 7.0
server. (Applies To: Windows Server 2008, Windows Server 2008 R2)
The next step requires you to create a server instance using the built-in
Microsoft SSL Certificate Wizard. This is where things get a little more
complicated, but.. you can do it! Just follow the steps to create a
certificate request, and save the request so that you can process it
later. Do NOT try to submit the request within the wizard as it will
limit what SSL certificate you can get, and where you can get it. One
thing that you need to adjust is the size of the key. A minimum of 2048
bits are required now. Make sure to select that instead of the default
1024 bits in the wizard. You will also need the domain visible in the
whois database (not private registration) and access to the administrative
contact email or an admin/administrator address in the domain you own to
receive the messages for the approval process. If you are confused about
this please give us a call for assistance. We know how daunting a process
this can be if you are not familiar with it. Once you understand it
things are actually quite simple. We will get you there painlessly.
When you are ready to make that cert request and get a certificate we
suggest you find a reliable source (like us)
also give you support, and provide help installing your SSL certificate should you need it. There is
nothing as frustrating as being told that this is your problem and they do
not proivide assistance. Chances are you pay top dollar for that
A little information on TLS:
A TLS connection used for email communication requires only a simple 2048
or greater bit encryption (ECC) certificate. The certificate can be
using a certificate chain as you will be sending out the encrypted data
directly. Basically, the email server will send out the request via a
command like "STARTTLS". A remote server or email client will see this and begin to
negotiate a secure connection if it has that ability. More and more
servers are set up to do this, but most organizations require a private
email server is used as a large email provider cannot guarantee the
security on their server will meet all regulations. PCI-DSS requires a
higher dedicated instance using a certificate in your company name. If you
are using a web based connection then you must decide whether a simple
certifate or a more complicated green bar (verified) certificate is
required. In some cases you may need to have this level of protection.
These SSL certificates are much more expensive so think twice. It looks
great but you may not need it.
Many servers allow you to force a TLS connection when talking to specific
hosts. Make sure that you server does! This allows compliance to
companies that must use TLS for some communications. There are more and
more reasons you need this, including the new HIPAA regulations, insurance
regulations, PCI-DSS requirements and more. The new HIPAA regulations
extend the responsibility beyond a healthcare provider now, and those who
exchange information with them now have to abide by many of the same rules
which include secured email connections.
We can help you with compliance questions. Feel free to give us a ring or
send an email.
Email us at firstname.lastname@example.org
call us toll-free at (800) 651-9324
Your Data Center Incorporated
provides pre-sales, sales and flat-rate installation support when
purchasing an SSL certificate from us
. We also give you the lowest prices around on top industry names like Comodo,
Geotrust, Symantec, Thawte, RapidSSL and Verisign. Our installation
support is not free, but with the money you save buying the SSL
certificate from us it will feel like it is! That is what makes
Your Data Center
a trusted name for all things Internet, from managed
to self-hosting via a three continent wide hosting environment, hundreds
of top-level and sub-level domains name extensions, secure server
certificates for web server and mail server use and much more. We even
have wildcard and multi-domain SSL certificates. Our partnerships allow
us to give you the lowest prices available on the planet! Compare us to
the rest and you will find there is no one who can offer what we can!
OUR PRODUCTS AND SERVICES - WE DO IT ALL!
• Domain Registry - The Lowest Cost Domain Names
• Perhaps the Largest Selection of Domain Names
• New York Website Hosting
• Managed New York Website Hosting
• Chicago Website Hosting
• Managed Chicago Website Hosting
• San Jose Website Hosting
• Managed San Jose Website Hosting
• London England Website Hosting
• Sydney Australia Website Hosting
• Low Cost High Security SSL Certificates
• SSL Certificate Installation and Support
• HIPAA Compliant Off Site Data Backup Services
• New York Area Network and Computer Installation
• New York Area Network and Computer Support
• Website Design and Maintenance Services
• VOIP Phone Services and Installation
• Full Security Audits and Sweeps
• New York Area CCTV, Fire and Burglar Alarms
• Email Server Sales, Service and Support
• File Server Sales, Service and Support
• Computer Sales, Service and Support
• Firewall Sales, Service and Support
• Firewalls, Routers, Switches, Cabling, etc.
• Top Brands like Lenovo, Dell, Sonicwall, Engenius
- Free Link Exchange
- ADVERTISEMENTS -
The Your Data Center Family Includes:
Website Hosting and Corporate Email Just Got Simpler at HostLongIsland.com!
High Quality Business Website Hosting by a Long Islander for Long Island!
Host Long Island is Website Hosting Done Right!
Get Our Android App on Google Play.
Call (516) 256-DATA - (516) 593-DATA - (516) 595-DATA
516.256.3282 (Valley Stream, NY) - 516.593.3282 (Lynbrook, NY) -
516.595.DATA (Woodbury, NY)
Toll-Free: (800) 651-YDCI
Store/Office: 286 Broadway, Lynbrook, NY 11563: (516) 593-DATA
OR CALL THE LOCATION NEAREST YOU NOW!
2016 Your Data Center Incorporated, All Rights Reserved.
New York City, NY: 212.203.8964
Garden City, NY: 516.203.7006
Great Neck, NY: 516.570.3000
Roslyn, NY: 516.299.6500
Huntington, NY: 631.479.3345
Jersey City, NJ: 201.716.1903
Stamford, CT: 203.653.3968
Toll-Free US/CA: 800-651-9324
London, England: 020.3129.2119
Johannesburg, ZA: 010 500 4117
Stockholm, Sweden: 8 446 83 910
The Netherlands: 085 888 3132
Sydney, Australia: 02.8417.BEST (2378)
International iNum: 883510009047956
for Remote Live Support