Link to home
Create AccountLog in
Avatar of JBillingsley
JBillingsley

asked on

RPC Exchange & Apache config problems

We have tried for a few days now to setup Exchange RPC running through Apache Front end server which is configured to use SSL certificates, which have been signed by a SSL company.

below is the front end server configuration in
apache /etc/httpd/conf.d/vhost.mail.conf

---

<VirtualHost *:443>
    SSLEngine On
    ServerName mail.ourdomain.com:443
    ServerAlias exchangeproxy.ourdomain.com
    ServerAlias exchangeproxy
    ServerAlias mail
    ServerAlias staff
    ServerAdmin webmaster@ourdomain.com
    DocumentRoot /home/vhosts/email/public_html/
    ScriptAlias /cgi-bin/ /home/vhosts/email/public_html/cgi-bin/

    RequestHeader set Front-End-Https "On"

    CacheDisable *

    #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:
+SSLv2:+EXP:+eNULL
    SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
    ProxyRequests off
    ProxyPreserveHost On
    <Location /exchange>
        ProxyPass http://exchange.ourdomain.com/exchange
        ProxyPassReverse http://exchange.ourdomain.com/exchange
        SSLRequireSSL
    </Location>
    <Location /exchweb>
        ProxyPass http://exchange.ourdomain.com/exchweb
        ProxyPassReverse http://exchange.ourdomain.com/exchweb
        SSLRequireSSL
    </Location>
    <Location /public>
        ProxyPass http://exchange.ourdomain.com/public
        ProxyPassReverse http://exchange.ourdomain.com/public
        SSLRequireSSL
    </Location>
    <Location /rpc>
        ProxyPass http://exchange.ourdomain.com/rpc
        ProxyPassReverse http://exchange.ourdomain.com/rpc
        SSLRequireSSL
    </Location>
    <Location />
        ProxyPass http://exchange.ourdomain.com/
        ProxyPassReverse http://exchange.ourdomain.com/
        SSLRequireSSL
    </Location>
    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        SSLOptions +StdEnvVars
    </Files>
   <Directory "/home/vhosts/email/public_html/cgi-bin">
     SSLOptions +StdEnvVars
   </Directory>

    SetEnvIf User-Agent ".*MSIE.*" \
      nokeepalive ssl-unclean-shutdown \
      downgrade-1.0 force-response-1.0

    CustomLog /home/vhosts/email/logs/ssl_request_log \
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    TransferLog /home/vhosts/email/logs/transfer.log
    ErrorLog /home/vhosts/email/logs/error.log
    CustomLog /home/vhosts/email/logs/access.log common
</VirtualHost>

---

RPCproxy has been installed on the exchange server, I have configured IIS to not
require SSL for the RPC website (server\web sites\default web site\rpc
(as SSL between exchange and apache/firewall would confuse matters), there's the
possibility that the rpcproxy.dll file (in IIS) isn't correctly
configured although I'd imagine microsoft would have set this
configuration correctly on install.

The registry keys have been set, at HKLM\software\microsoft\rpc\rpcproxy
including the allowanonymous and valid ports settings.

From what I know that is all that is required to get it working. The
only bug I can think of is when the server offers for download
rpcproxy.dll, the server should be executing that as a CGI script I
think!

If anyone can throw some pointers that would be great as we cannot connect to the exchange server via rpc!  
ASKER CERTIFIED SOLUTION
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of JBillingsley
JBillingsley

ASKER

Simon,

mod_rpc_proxy is installed on the apache server, it can handle requests and can act as a front end server, as that is what the module was designed for.

Thanks,
Jon
I have never heard of anyone getting it to work - it certainly isn't something that is supported by Microsoft.

Simon.