[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

OWA SSL Problem

Posted on 2007-07-27
11
Medium Priority
?
217 Views
Last Modified: 2010-03-06
Hi All,

I'm having an issue with Outlook Web Access (Exchange 2003, Server 2003) when trying to set it to use SSL.

There is already a certificate installed and I simpled ticked the box to 'Require secure channel (SSL)' and 'Require 128-bit encryption'.

When browsing to the https link it asks if i want to accept the certificate and tries to load up the correct page but then fails and says it can't be found.
If i untick the SSL box and use the http link then it works fine.

I've recreated IIS but still no joy. Any ideas?
0
Comment
Question by:party_marty
  • 5
  • 5
11 Comments
 
LVL 18

Expert Comment

by:amaheshwari
ID: 19580889
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19580959
The two options to require SSL and 128-bit encryption are not options that turn on or turn off SSL, which many people seem to think they are.
Without those options enabled you should still be able to use SSL, so https://host.domain.com/exchange 

Therefore I would suggest trying it without those options enabled.
Do you have forms based authentication enabled? If not, enable it so that you get the graphical login on SSL instead of the standard box.

Simon.
0
 

Author Comment

by:party_marty
ID: 19581685
Forms based Authentication is enabled but it still brings up the standard box.

I've tried it with and without those SSL options enabled and it still doesn't work.

amaheshwari: Already been through that.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 104

Expert Comment

by:Sembee
ID: 19582419
If you are not getting the forms based authentication page then either something is wrong with the SSL certificate, there is something else is using port 443 or something is wrong with IIS.

Are you sure there is nothing else on the server using port 443?
Verify that anonymous authentication ONLY is configured on the /exchweb virtual directory in IIS Manager.

Simon.
0
 

Author Comment

by:party_marty
ID: 19590902
How can i tell if anything else is using 443?

Permissions for /exchweb are correct.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19593975
netstat -a will show you what ports of are currently being used by the machine.

netstat -ano will show you the ports and the PID. You can then use task manager to find the application from its PID.

Simon.
0
 

Author Comment

by:party_marty
ID: 19599891
https is just listening
0
 
LVL 104

Expert Comment

by:Sembee
ID: 19608430
Did you run the second command to see what application is listening?

Something is listening to https, I wouldn't disagree with that, but you need to see whether it is IIS or another application.

Simon.
0
 

Author Comment

by:party_marty
ID: 19615303
It's on PID 4 which translates to System in processes
0
 
LVL 104

Accepted Solution

by:
Sembee earned 2000 total points
ID: 19615903
You should find that 80 is on the same PID, which means it is IIS that is listening.
Therefore I would start to suspect the SSL certificate.
Is the SSL certificate home grown or a purchased certificate?

Simon.
0
 

Author Comment

by:party_marty
ID: 19618617
Tested with selfssl...worked first time!

Can't believe a certificate would stop the page from loading properly? Anyway, thanks for all the tips (again) Simon.

0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question