Broken OWA while trying to install SSL Certificate


Looked through existing questions and can't find my exact problem!

I'm in the middle of trying to get an SSL certificate working with our OWA.  OWA was working fine and I've created a Cert request and sent it to GoDaddy.  They have since delayed my certificate request as I do not have a valid email address attached to my whois record which I have been told by my domain people is normal for a domain.  Anyway I've just found out that while all this is going on OWA has stopped working altogether.  I can ping the redirect no problem so that's working, however I get Page cannot be displayed if I try to access owa externally or by using https://servername/exchange from within the server itself.  I have tried enabling and disabling "Require SSL" in IIS and have restarted IIS but that hasn't worked.

Can anyone please give me some pointers as to how I can troubleshoot this as I am a novice!

Many thanks

Who is Participating?
budchawlaConnect With a Mentor Commented:
The fact that you haven't made any changes to the firewall doesn't indicate that it's not blocking anything!

Previously you were using HTTPS to access OWA. Presumably you were port-forwarding that port to your SBS server.
Now you are going to be using HTTP to access OWA (while you're waiting for your cert). So you need to allow & redirect inbound HTTP traffic from the internet to your SBS server.

Can you confirm that you have done the above? What does your network look like? Gateway router / firewall? ISA?

WRT GoDaddy, they just look at whois info, which doesn't do much for,, .ie etc domains. So they'll send you an option to validate domain control via a DNS or web-based method. This is usually fairly straightforward unless you don't have DNS / web access. If you call them as soon as you've done what needs to be done you should have your cert pretty quickly.

Having said that I've had times when it's taken days to get a cert issued (as Simon mentioned) because I didn't have direct access to the DNS / website, but that's a different story...
Since you've not got an SSL cert for your website (just a pending CSR), you won't be able to connect using SSL. You need to disable the SSL requirement in the Exchange virtual directory (right click>properties>Directory Security tab> Bottom section, "edit" button>un-check the require SSL box.

Then try connecting using just http://server/exchange internally. You may need to also allow HTTP traffic through your router if previously you were only allowing HTTPS.


amlydiateAuthor Commented:
Thanks that's fixed access internally using HTTP: however I still can't get access externally like I did before using the redirect...any thoughts?
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Is your router/firewall/ISA allowing inbound HTTP traffic and redirecting it to your SBS server?

What message do you get when trying to access it externally?
amlydiateAuthor Commented:
I have made no changes to the firewall throughout this so I'm sure it's not blocking anything.  When I enter the url using either http or https I get "Internet Explorer cannot display the webpage"
GoDaddy have problems with domains. Last time I did one with them it took days to get it resolved. I would suggest you abandon the certificate with them and get it from RapidSSL instead. It is a little more expensive but they use a different method to verify the certificate and you should have it in 30 minutes.

amlydiateAuthor Commented:
Hi Bud, thanks for your persistance, you were spot on, needed to forward port 80 on Router. Thanks very much for your help!
Glad to help!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.