• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 270
  • Last Modified:

Enabling HTTPS AND HTTP for OWA? v.babysteps

I am about to send a CSR off to a Certificate Authority as the first step in setting up secure OWA for my users.  This is the first time I've done this, and I don't want to screw it up.

Can I set up both HTTP and HTTPS access to OWA?  If so, how?  Or is it an either/or proposition?
2 Solutions
Check in IIS  right click on your website root go to properties then directory security - secure communications if you already have a certificate click on edit in there you will see a box saying require secure channel ssl just make sure its not checked, if it is checked it will force ssl .
Efren is correct.....you can make HTTPS available by issuing the cert, and opening port 443, etc. - end users can connect with HTTP or HTTPS. But if the box mentioned is checked (require secure channel), then HTTP will be rejected and users will be forced to use HTTPS.

What many people do, for security's sake, is use redirection so that if a user goes to http://<owasite> they are automatically redirected to https://<owasite>.
There are plenty articles on the net, but here are a few:

SteveAuthor Commented:
Exactly what I was looking for.  Thanks.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now