Articles in Root

Share Via Email

How do I enable an SSL Certificate for a TLS connection in Exchange 2003?

Problem

How do I enable a TLS connection for a Domain on Exchange 2003?

Solution

Part I - Create and Manage Key Certificates

Install your SSL certificate.  Exchange 2003 uses IIS 6. Following the IIS 6 guide on our knowledge base should guide you through this process if it has not already been completed.

Start the Exchange System Manager.

Expand the Exchange Server and click on Protocols

Click on SMTP and then right-click on the SMTP Virtual Server

Scroll down on the drop-down menu and click on Properties.

Click the Access tab, and then click Certificate to set up new key certificates to manage key certificates that are installed for the SMTP virtual server.

Part II - Set TLS encryption levels for the server

Start the Exchange System Manager.

Right-click the SMTP Virtual Server and then click Properties.

Click on the Access tab and then click on Authentication.

Check the Basic Authentication check box and then check the Requires TLS encryption check box. 

Click on the OK button.

Part III (Option 1) - Enable TLS encryption for a specific remote domain

Create a new SMTP Connector.

For more information about how to create a new SMTP Connector, click the following article number to view the article in the Microsoft Knowledge Base:

You will need to create a new SMTP connector.

To enable TLS encryption, right-click the SMTP connector and then click Properties.

Click the Advanced tab.

Click on Outbound Security and then check the TLS Encryption check box.

Note: If the remote domain does not support TLS encryption, all messages are returned and an NDR is generated. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Part III - (Option 2) Enable Transport Layer Security Encryption for All Outgoing SMTP Connections

To enable TLS encryption for all outgoing SMTP connections, follow these steps:

Install an X.509 Server Certificate on the server. For more information about X.509 certificates, click the following article number to view the article in the Microsoft Knowledge Base:

Start Exchange System Manager.

Right-click the SMTP Virtual Server and then click Properties.

On the Delivery tab of the SMTP virtual server, click Outbound Security, and then click to select the TLS Encryption check box.

Legal


DigiCert is the world’s premier provider of high-assurance digital certificates—providing trusted SSL, private and managed PKI deployments, and device certificates for the emerging IoT market. Since our founding almost fifteen years ago, we’ve been driven by the idea of finding a better way. A better way to provide authentication on the internet. A better way to tailor solutions to our customer’s needs.

© 2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.