[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 541
  • Last Modified:

Is it possible to setup a 2nd OWA site on the same one Excahnge Server? How?

II have a predicament:  we setup a 3rd party exchange archival system by Mimosa, Nearpoint.  All is good except that now I need it to work with OWA.  All was simple until I enabled OWA over SSL and got my organization a simple SSL certificate for the IIS; installed it and tested it and is running fine:  accessing OWA from public domain recognizes the certificate and communication works as it should over SSL.
 However, Mimosa Nearpoint cannot communicate with OWA server because of the internal vs. external naming differences. The certificate is for email.mydomain.org while the netbios internal name is server (simplified for here only).  So the connection is refused.
Now I tried with the CA to get a multi domain certificate& to make it short, after some misdirection, IIS over Windows 2003 and Exchange 2003 do not support UCC.  So I am back to the only possible solution I can think of:  setup a 2nd OWA website on the same server with its own internal SSL Cert.
Is this possible?  Any one now of an article for that (I was not able to locate one on MS/KB).
(BTW:  it behooves me that Mimosa cannot solve this&  still trying with them as well.)
0
InWoods
Asked:
InWoods
  • 2
  • 2
1 Solution
 
LeeDerbyshireCommented:
You can add another site in Exchange System Manager.  One thing you might try first, though, is not requiring SSL on the original Default Web Site.  I know this sounds less secure, but if you then only allow port 443 in to the server, rather than both 80 and 443, then this will have the same effect.  Of course, it also means that users on the LAN will be able to access OWA without SSL.  But not from the WAN.  SSL doesn't have to be actually 'required' in order for it to be used for a client connection.
0
 
InWoodsAuthor Commented:
not sure that i fully understand.  if i take port 80 out of the allowed ports on the IIS Excahnge server then every one will have to access thrue HTPPS protocl, including internal LAN users.

Regarding 2nd site:  is there a special procedure for setting up a second site for OWA?  just creating another web site on IIS is trivial.

thanks,
0
 
LeeDerbyshireCommented:
I meant only allow port 443 (i.e. remove 80) at the firewall/router, not at the server.

Creating a second OWA site should be done in ESM, not IIS Manager (it's possible, but more complicated).  To add it in ESM, you need to find Servers/<server>/Protocols/HTTP , and add another Virtual Server, which will then be copied (along with its special properties) in IIS Manager soon after.
0
 
InWoodsAuthor Commented:
ahhh ok on both.  
makes scense:  restict the port on the firewall... is already done.  Thrue,

got is:  crate new Virtual Server in ESM.  simple enought.

thanks.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now