How do I copy a IIS/OWA website so I can add a different host header and secure certificate to the new site?

Posted on 2007-07-25
Last Modified: 2012-05-05
I currently have a windows 2003 server running exchange 2003 and IIS 6.0 and I have one working exchange OWA site running within my IIS that was there when I started.  It has a perfectly working host header and digital certificate for the domain it is hosting.  I need to either find a way to add a second secure certificate to that site for a different domain name so it will do ssl for both or copy that site, change the host header, give windows a second IP, bind that new site to the other IP and load it's digital certificate into the new site.  What I can't figure out is how to copy an IIS site (OWA specifically).  Please help.
Question by:AAAOK
    LVL 104

    Expert Comment

    You can't use host headers with SSL certificates.
    While in theory you can copy the web services to another virtual server, it is not something that Microsoft support. If you call Microsoft for support they will only talk about whatever is on the default web site.
    You can try exporting the directory configuration and importing it on to the second site, but there is a high chance it will not work - Exchange is not designed to work in that way.


    Author Comment

    Ok.  How do I get two different ssl certs on one site then?  I had two different exchange sites running at my old job but openly admit that was setup before I got there.  I basically need the same thing here now.
    LVL 104

    Expert Comment

    I don't know how it was done before. You cannot have two SSL certificates on the same site. The other site may have done something that was not supported. The fact that someone else has done it does not mean it is the correct thing to do, is supported, or is the best way of achieving an objective.

    What is the objection to having everyone use the same site? It is just a URL for access.


    Author Comment

    Thanks for your help.  Ok.  forget the ssl and the host headers.  How do I copy the current iis website that is my owa?  Is that what your saying isn't supported?  I have seen several IIS sites for several exchange domains pretty much everywhere I have ever worked.  I was under the impression that was how you got the digital certs loaded for all the host/domains you have to support.  I may not be wording my question correctly.  
    LVL 104

    Accepted Solution

    That may be how some people do it, but it isn't something I do.

    If the server is hosting multiple domains then all the users get a single URL to access for OWA. That same URL also does RPC over HTTPS, Windows Mobile support etc. Single SSL certificate is used. I don't see any point in setting up multiple web sites just for the aesthetic appeal of a unique URL.

    If you want to do it, then you have to add the web sites first, and then add the virtual directories through ESM. In some cases you have to export the virtual directories and then import them again. I have seen it tried and fail on numerous occasions.

    LVL 31

    Assisted Solution

    Just to clarify, if you add extra sites in IIS Manager, then you won't be able to add Exchange Virtual Directories to them in ESM, because it won't list the extra sites.  ESM will only list sites (known in ESM as Virtual HTTP Servers) that were added in ESM.  It is possible to add an OWA VDir to a site created in IIS Manager by exporting the configuration of the existing Exchange VDir to a file, and then importing it into the extra sites.

    If you create an extra site in ESM, you don't need to create an Exchange VDir underneath it, because the ESM-added sites are dedicated to OWA anyway.

    You can't use SSL with host headers because the request needs to be decrypted against a site certificate, which means that IIS needs to choose a site before it gets a chance to see the server name used in the request.  Kind of a Catch-22 situation.  To use SSL on each site they would all need unique IP addresses and/or port numbers.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now