We help IT Professionals succeed at work.

Problems with Exchange 2003 RPC over HTTPS

Last Modified: 2012-05-05
Hello All,

Ok. I've been fighting with this for about a month now.. and I can't seem to fix it on my own. Here's the scoop so far:


Server 1:  Windows 2003 R2 Enterprise GC / DC
Server 2:  Windows 2003 R2 w/ Exchange 2003 and all Service Packs
OWA is installed, and working on Exchange. Using a purchased certificate from Certificates for Exchange. Installed, and working correctly.

I have followed all of the steps for RPC over HTTPS that I can find. I've done and redone the registry settings, using the guide from Sembee's site, to create the registry settings and just install a .reg file. Today, I just did Split DNS to be sure. Here are the specifics:

The internal domain name is the same as what it is on the internet... domain.ca. I have a machine that I have synched internally once.. so it has a copy of the exchange mailbox.. and I am able to use it there. Some notes:

1) My client machine is running Outlook 2007.
2) I have yet to be able to connect successfully.

I've checked and re-checked the registry entries.. but hell, I'll check them again. One question: should I be making any alterations to the registry on my secondary DC?

Despite the novel above, when making suggestions.. assume nothing. I have no problem starting from the beginning, if you think it will help.

For ease of reference, here are the internal Server names (minus the domain name)

ECDC1 -  Primary Domain Controller, GC
ECEXCH1- Exchange 2003 Server
ECDC2- Second Domain Controller
Watch Question

Expert of the Year 2007
Expert of the Year 2006

Have you put the second DC in to the registry settings?
If you have, then the DC registry setting needs to be made on that machine as well. If you haven't then don't worry.
Although, it doesn't do any harm to make the change on the other DC. It doesn't affect the operation of the server in any way.

The registry settings are the common reason for problems. Also SSL certificate and authentication mismatches. Which authentication methods do you have enabled on the /rpc virtual directory in IIS manager?


If your question has been answered, pleased remember to accept the answer and close the question.


The only method I have is basic authentication on the /rpc directory. Should there be anything else?
Expert of the Year 2007
Expert of the Year 2006

Thats fine. Which setting have you entered in to Outlook when you configured it?

Although I usually deploy RPC over HTTPS with both Integrated and Basic authentication enabled so I have both options. If you do make the change, run iisreset from a command prompt to write the changes to the IIS metabase.



Ok. So, here's where I am at:

1) Even though I didn't make any changes.. I did an IIS reset on the Exchange server (since that's where OWA is running from)
2) Also, since I had to do so for updates.. I rebooted my DC / GC.

Tried again.. and I am not able to connect using Outlook. Outlook is using Basic Authentication, since the laptop is not a domain member. The username format I am using is domain\username

Some things I forgot to mention:

-The DC/ GC is running the x64 edition of Windows Server 2003 R2 Enterprise Edition
-Exchange is run on an x32 edition of Windows 2003 R2.

I'm still waiting on the reboot (I started it just as I started typing this message) and then I am going to reboot the Exchange server, and test. Will update probably tomorrow with more info.


OK. The reboot went.. and still the same. Seems to just time out. It initially tries HTTPS connections.. but that's about it.

I'm out of ideas... I'm reasonably certain the registry entries are correct, but I get that sinking feeling I am missing something.



Hmm.. I wonder.

Is there a good and easy to "uninstall" RPC over HTTPS and start over, without having to take the Exchange server offline? (and the DC too). Could it be just as simple as removing the registry entries, and undoing the GUI Settings?
Expert of the Year 2007
Expert of the Year 2006
Unlock this solution and get a sample of our free trial.
(No credit card required)


OK. I feel like I should know this answer.. but I want to be sure. Should RPC Proxy be installed only on the Exchange Server, the GC / DC, or both?


OK, I feel like a special child here. I was re-reading Sembee's how to over at http://www.amset.info/exchange/rpc-http-server.asp

(very helpful BTW.. I think by far the most useful).

I found the source of my problem, and here is a quote from Sembee, on his page:

"If you are using a front-end/back-end scenario (at least two Exchange servers), then you do not need these settings, unless you are having problems with the GUI.
If you have tried to use the GUI interface then you need to change it back to "Not Part of an Exchange Managed RPC-HTTP Topology" and then use the registry keys.
Remember: GUI or Registry - not both."

It's that last line that's the most important. And once I disabled the gui portion.. presto. it works. So thanks Sembee... and man, do I feel dumb now. But it works.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.