OWA 2000 Force SSL Encryption Not Working

I have recently deployed Exchange 2000, with the Exchange 2000 installation on one server (back-end) and an OWA 2000 installation on another server (front-end). I have implemented SSL on the OWA 2000 server, and it is working fine (ie I can successfully logon to test accounts with OWA via https:\\servername\exchange). Additionally, I wanted to force SSL encryption from a user's http request - the Force SSL Encryption instructions in KB279681 are not working. No matter what combination of changes I have attempted, when I use http:\\servername\exchange I get the standard 403.4 error.
 
I have successfully implemented the instructions in KB279681 on our existing messaging system, Exchange 5.5 on Windows 2000 Advanced Server using SSL, and forcing SSL encryption is working fine on the existing messaging system.
 
So far, I have tried:
 
1.  Recreating the owahttps.asp document
2.  Copying the functioning owahttps.asp document from our Exchange 5.5 system to the OWA 2000 system to see if it works (it doesn't)
3.  Applied owahttps.asp to both the Default Web Site\custom errors and Exchweb virtual directory\custom errors on the OWA server.
 
The properties pages match up closely enough from the old system (Exchange 5.5\Windows 2000 Advanced\IIS 5.0) to the new system (Exchange 2000\Windows 2000 Advanced\IIS5.0) - any possible conflicts or problems from the properties pages are not readily apparent.
 
Has anybody resolved this problem before?
 
Thanks
jaisbellAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David WilhoitSenior Consultant, ExchangeCommented:
Is it finding the FQDN of your BE server cleanly? I would assume so, since it works with basic, just checking. your FE is point to internal DNS?

"3.  Applied owahttps.asp to both the Default Web Site\custom errors and Exchweb virtual directory\custom errors on the OWA server."

In the article it speaks of the Exchange directory, not Exchweb: "NOTE: The Exchange folder is the only folder that needs to have the Required setting selected for OWA to require SSL. If you have other folders that need to be required, to allow for the HTTP request, verify that the OWAasp folder does not have the requirement set."

Is all that set cleanly? Just double checking what you've already done, this looks like we're missing something simple.

D
0
jaisbellAuthor Commented:
I have found SSL installation instructions with screenshots on the web - the problem is the Exchange virtual directory (as you noted in paragraph 3 above - I assumed the reference to an Exchange virtual directory was incorrect for an FE server).

In ISM, the public, Exchange, and Exadmin virtual directories all show error, even though some installation instructions indicate this is normal - apparently, I need the Exchange virtual directory on the FE server to run normally in order to apply this force encryption.

The error messages for these virtual directories will not change no matter what combination of services I start.

Any ideas why these 3 virtual directories would be stopped after a normal installation?

j
0
David WilhoitSenior Consultant, ExchangeCommented:
It's always been a problem with dependencies. I've never fixed it, only gotten around it. On the server in question, stop and start the default web site, then refresh the view. All 3 directories should show up in the IIS amanger at that point. If not, then there's another problem.

D
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.