OWA over port 443 with own certifacte

Posted on 2006-05-23
Medium Priority
Last Modified: 2010-03-06
I have an Exchnage 2003 SP2 server running on Win 2003 SP2.  There is port forwarding (443 and 80) on the firewaall to the server's internal IP.  I only want to run port 443 / SSL for OWA clients.

I installed certificate serive on the exchange server, all that seems right.  When I launch a browser and do a https connection to the server I get the trusted certificate dialog which allows me to install the cert etc.

When I click accept/ok it then says it cant find the page.

Any idea why it cant see my owa?
Question by:martinmcginley
  • 2
LVL 57

Accepted Solution

Pete Long earned 750 total points
ID: 16744604
heres the full run through of what I do :) check you did all this

Secure OWA with SSL

First make sure OWA is installed and working correctly.

Then make sure the server has Certificate Services Installed.

1. Click Start > Control Panel > Add or Remove Programs > add/Remove Windows Components .
2. Select Certificate Services.
3. A Screen will pop up saying you can change client/domain names afterwards - Click Yes.
4. Choose Enterprise root CA and click next, in the following screen we have to fill out the Common name for our CA, I use the server name > Leave the other fields untouched and click Next.
5. Accept Defaults and click next.
6. When done click finish.

Now you need to Set IIS to see the certificate.

NOTE this WON’T!!! Affect any websites that are up already - don’t panic.

1. Open IIS admin console.
2. Right Click Default Website > Properties > Directory Security > Secure communications > Server Certificate.
3. Assign an existing certificate. > Next.
4. Select the Certificate you created (NB it will say client connection).

Now test it,

1. Navigate to http://servername/exchange - you should get an error telling you, you require a secure connection.
2. Navigate to https://servername/exchange - you should get through.

NOTE: you will need Port TCP 443 open on the firewall for this to work.

Author Comment

ID: 16744783
I have checked through the above procedure and I can lock the directory so it only accepts the ssl/secure connection but when I do that it still says:

"The page cannot be displayed"

LVL 57

Expert Comment

by:Pete Long
ID: 16766776

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question