brian_appliedcpu
asked on
What are the proper security settings in IIS for Exchange and RPC using SSL
I have a clients server that I belive the security settings are all screwed up inside of IIS.
We recently purchased a SSL cert for them and are attempting to setup their Exchange OWA and RPC to use the SSL. I can't seem to find an article that addresses ALL the settings from use SSL 128 and authentication and access types.
I remember reading a EE posting about this very thing, but cannot seem to find it.
Any help would be appreciated.
Our server is a Win2k3 sp1.
Thanks.
We recently purchased a SSL cert for them and are attempting to setup their Exchange OWA and RPC to use the SSL. I can't seem to find an article that addresses ALL the settings from use SSL 128 and authentication and access types.
I remember reading a EE posting about this very thing, but cannot seem to find it.
Any help would be appreciated.
Our server is a Win2k3 sp1.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
RPC over HTTPS requires a ton of registry settings to be applied unless you are in a frontend/backend scenario. Those are wiped out when you remove the RPC Proxy component.
Simon.
Simon.
ASKER
did the recreate the virtual directories for OWA using this article:
http://support.microsoft.com/default.aspx?kbid=883380
but still having the same 404 issue.
I do not have sharepoint installed.
I do have reporting services installed however.
http://support.microsoft.com/default.aspx?kbid=883380
but still having the same 404 issue.
I do not have sharepoint installed.
I do have reporting services installed however.
Are you getting a 404 on both http and https?
Is that happening immediately, or do you get any kind of prompt?
Did the directories create correctly on their own?
Any errors in the event logs when the services were restarted?
Anything else installed on this machine that could have taken over the Default Web Site?
Have you checked the configuration of IIS to ensure that there is nothing else listening on the port on that IP address?
Simon.
Is that happening immediately, or do you get any kind of prompt?
Did the directories create correctly on their own?
Any errors in the event logs when the services were restarted?
Anything else installed on this machine that could have taken over the Default Web Site?
Have you checked the configuration of IIS to ensure that there is nothing else listening on the port on that IP address?
Simon.
ASKER
We had sql 2000 reporting services installed and uninstalled them but i dont think that was the issue.
I did the recreate 3 times with no difference then i tried a different account rather than the administrator's and it worked fine. Now i wonder if it was broken at all.....????
Thanks for your help and i will give you the points because you taught me something about recreating the iis virts.
I did the recreate 3 times with no difference then i tried a different account rather than the administrator's and it worked fine. Now i wonder if it was broken at all.....????
Thanks for your help and i will give you the points because you taught me something about recreating the iis virts.
ASKER
I lied, i did not wait long enough to see if it finished loading...
Now all it says is that it is Loading the inbox....forever.
Now all it says is that it is Loading the inbox....forever.
Microsoft have an extensive article on the "loading" issue:
http://support.microsoft.com/default.aspx?kbid=280823
Simon.
http://support.microsoft.com/default.aspx?kbid=280823
Simon.
ASKER
I now understand that i must reinstall exchange so i am in the process and since i have sp2 installed it keeps asking me to overwrite newer file? Since i will immediately install sp2 should i say yes or no?
I tend to say no, and then install the service pack immediately. You must also install any updates that were on the machine that are dated after the service pack, before you look at putting the machine back in to production.
Simon.
Simon.
ASKER
the rpc ports?