OWA and OMA does not work externally because certificate won't install on ISA server

Posted on 2009-04-16
Medium Priority
Last Modified: 2012-06-22
I had an old certificate setup for use with my OWA/OMA and RPC over SSL.  Because of certain circumstances, I was not able to renew it when it expired and I had to purchase a new one from the same seller, revoke the old, and install the new.  When I install the new certificate it allows access to OWA and RPC over SSL when connected to the network ONLY.  I have an ISA firewall in place and I deleted the old certificate, but I cannot get the new one to use email authentication as one of its purposes so I cannot connect to OWA or OMA or RPC over SSL externally, it is grabbing the old cert and stating that the cert is expired.  
Question by:jsuttonwirth

Expert Comment

ID: 24165210
Have you actually changed the certificate that the web listener is using in ISA? and remove the old one from the cert store to keep it tidy.

Accepted Solution

Raghuv earned 1000 total points
ID: 24166031
And we hope you have exported the new certificate from the Exchange Server in pfx format and then installed it on the ISA server and once done, then as said by DJ, you need to change to the new certificate on the web listener used by OWA...

Check out the below article to export certificate from Exchange and then import it on ISA,


Author Comment

ID: 24167304
I was trying to change the certificate in the web listener but it would not find the new certificate.  The problem was that I did not import it right.  I took the certificate from the location of where it was on the IIS server and did not do the export on that server.  Once I exported from the IIS server and did the import that way, I was able to go in and change the certificate that the listeners were using.  EVERYTHING is working correctly now.  THANKS!!

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question