Avatar of Steveh24
Steveh24 asked on

OWA not working using a SSL Certificate

I have successfully installed a SSL Certificate on our Exchange 2003, but when trying to access the OWA using a https URL it says the web page cannot be found, if I use the computer name instead of the domain it works but says there is a certificate error, which I suppose is correct as its not the name on the certificate, it alsoworks if I use the old http URL.

The Firewall has been setup correctly and Port 443 has been opened
The Exchange is working correctly and the users are receiving and seding mail.

What do I need to do to get the OWA working correctly.

Steveh24


Exchange

Avatar of undefined
Last Comment
Steveh24

8/22/2022 - Mon
vsganesh

have you checked whether you have registered the "A" record for the domain name in the local DNS?
Sam Panwar

Hi,

Please check the following to troubleshot the problem
1. The site is running on the dedicate IP and not assigned any other
2. Please don't use allassign IP in the site host header.

After that please try following

Once remove the all the virtual directory and recreate through the following command by using powershell

Remove-OWAVirtualDirectory "owa (Default Web Site)"

After that create again through the following command

New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Exchange" -WebSite "Default Web Site" -VirtualDirectoryType:Mailboxes

New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Public" -WebSite "Default Web Site" -VirtualDirectoryType:PublicFolders

New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Exadmin" -WebSite "Default Web Site" -VirtualDirectoryType:Exadmin

New-OwaVirtualDirectory -OwaVersion:"Exchange2003or2000" -Name "Exchweb" -WebSite "Default Web Site" -VirtualDirectoryType:Exchweb

For ActiveSync, run the following command:

New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site"

once it has been done, install the SSL certificate and check if it working or not.

thanks,
SAM
***Web Site Removed*** by TechSoEasy
ASKER
Steveh24

An A Record has been added

Sam - I'm not sure where you are talkimng about in points 1 & 2, is this the DNS Server or the Exchange Server.

I have already installed the Certificate so should I unistall it or just do as you say and then install it again.

Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
ASKER CERTIFIED SOLUTION
Sam Panwar

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
Steveh24

Abs - I have enclosed requested Screenshots
Web-Site-Identification.doc
ASKER
Steveh24

If I use the URL https://server_name/exchange I am able to access my Webmail but I am getting an error message saying there is a problem with this website's security certificate and if i continue to this website the URL bar has gone Pink and it shows that I have a Certificate Error

Sam Panwar

Hi,

I have checked your screenshot so please check the following.

1. When you ping your OWA website it is response IP 192.168.3.5.  It is correct or not.
2. When you ping thr OWA site the IP address of the server_name = IP address of the OWA website : yes or not.

If the https://servername/exchange/ is working fine that means the SSL is configured on the IP address of the main server IP with the port 443.

Please try the following and update if you still face same problem

https://exchangewebsite/owa  instead /exchange

thanks,
sam
***web site link removed*** TechSoEasy -- EE's Microsoft Zone Advisor
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
Steveh24

vsqanesh

I foloed youe instructions and I now get a login screen when I enter the URL https://webmail.DOMAIN.com/exchange, but when I enter my correct loging details is comes back with an error saying "Error: Access is Denied"

Getting there slowly, what is wrong now


ASKER
Steveh24

I think I have solved the problem, I was using the wrong Authentication, I have now switched to Basic and I can access my OWA, but several other users can't and I suspect a problem with the DHCP Server.

How do I avoid putting /exchange.

vsganesh

Hi,

Is your authentication issue resolved?

Below is the steps to avoid putting "/exchange" in the OWA link.

1.  Assuming that the only thing IIS does on your Exchange server is OWA, make the following change to redirect requests to the /exchange virtual directory.  Open notepad and type the word redirect.  Save the file with the name redirect.htm into the default web site directory.  Now go to the properties of this file (redirect.htm) from within IIS Manager, and under the option The content for this resource should come from: choose A redirection to a URL.  In the redirect to: box that is now able to be filled it, type /exchange.
 
*Note:  If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory.  Make sure that you understand the impact of this change.
 
2.  On the properties of your Default Web Site, go to the Documents Tab. Add redirect.htm to the list of documents, and move it to the top of the list.  This ensures that the server checks for the redirect.htm file first and if it finds it, it will execute it.
Your help has saved me hundreds of hours of internet surfing.
fblack61
vsganesh

Hi Steve,

1) If you still have the authentication problem for some users, check whether the OWA is enabled on their user profile in the AD, even though it is enabled by default.

Also go thru the below link to confirm your OWA configuration and also the IIS permission.

http://www.computerperformance.co.uk/exchange2003/exchange_2003_OWA.htm
http://support.microsoft.com/kb/327843

2) Are you running on the below environment?
Windows 2003 SP2?
Exchange 2003 SP2?
Running the OWA on the same server as the mailbox server?

3) Also another tips on how to hardcode the "domainname\" in the OWA server, so user dont need to enter the domain name everytime in the logon page....Referbelow.

http://www.msexchange.org/tutorials/OWA2003Forms-based-Authentication-default-domain.html


 
ASKER
Steveh24

Thanks guys for all your help, between you I now have the OWA working fine.

Steve