?
Solved

Should i be able to see https://servername/rpc ?

Posted on 2009-12-29
7
Medium Priority
?
673 Views
Last Modified: 2012-05-08
I'm having problems getting Outlook anywhere setup and so i thought i'd see if the RPC site was running. If i browse to https://owa.domain.co.uk/rpc i just get error 500 'the website cannot display this page'. If i do this internally to mailserver/rpc i get http error 500.24 internal server error 'An ASP.net setting has been detected that does not apply in Integrated management pipeline mode'
Should i be able to browse to this site either externallt or internally ? if so what should i see.

Thanks
0
Comment
Question by:Netexperts
  • 4
  • 3
7 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 26137242
There is nothing in RPC to see, so you should not be able to browse to it.
Outlook Anywhere should work pretty much out of the box as long as you have added the HTTP over RPC component which is not installed by default.
Please visit https://testexchangeconnectivity.com and run the Outlook Anywhere test and post back the results.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 26137375
Thanks alanhardisty,

I have already ran the test and all comes up passed except with :

Validating certificate trust
  Certificate trust validation failed
   Additional Details
  Certificate chain could not be built. You may be missing required intermediate certificates.  
 

I have been told that this is down to using a self signed certificate.
I keep getting the username prompt as though it's connecting but it then disappears and then pops back up.
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 26137390
Yes - you cannot use a self-signed certificate with Exchange 2007 if you want to use Outlook Anywhere - you should buy a 3rd Party SSL certificate and this should be a SAN / UCC type:
http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx
Extract (in case of link failure):
  • Expiration Date: The self-signed certificate expires 12 months after Exchange 2007 is installed. When the certificate expires, a new self-signed certificate must be manually generated by using the New-ExchangeCertificate cmdlet.
  • Outlook Anywhere: The self-signed certificate cannot be used with Outlook Anywhere. We recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party if you will be using Outlook Anywhere.
  • Exchange ActiveSync: The self-signed certificate cannot be used to encrypt communications between Microsoft Exchange ActiveSync devices and the Exchange server. We recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party for use with Exchange ActiveSync.
  • Outlook Web Access: Microsoft Outlook Web Access users will receive a prompt informing them that the certificate being used to help secure Outlook Web Access is not trusted. This error occurs because the certificate is not signed by an authority that the client trusts. Users will be able to ignore the prompt and use the self-signed certificate for Outlook Web Access. However, we recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party.
Info about what names to include in an Exchange 2007 SSL Certificate:
http://blog.sembee.co.uk/archive/2008/05/30/78.aspx 
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 1

Author Comment

by:Netexperts
ID: 26137451
So is this the reason it won't work, because i have a self-signed certificate ? could i just turn off SSL ?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 26137478
I would imagine that you can turn off SSL, but then you are opening yourself up to a world of hurt by sending your passwords in plain text.
A GoDaddy SAN SSL certificate will cost you £56.40 for a 1 year - 5 name certificate.   that should not break your bank and will save you lots of hassle long term.
http://www.godaddy.com/gdshop/ssl/ssl.asp?ci=8979 
0
 
LVL 1

Author Closing Comment

by:Netexperts
ID: 31670721
Thanks
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 26137614
No problems - if you get stuck anywhere - please come back.
Best wishes
Alan
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month14 days, 5 hours left to enroll

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question