Should i be able to see https://servername/rpc ?

I'm having problems getting Outlook anywhere setup and so i thought i'd see if the RPC site was running. If i browse to https://owa.domain.co.uk/rpc i just get error 500 'the website cannot display this page'. If i do this internally to mailserver/rpc i get http error 500.24 internal server error 'An ASP.net setting has been detected that does not apply in Integrated management pipeline mode'
Should i be able to browse to this site either externallt or internally ? if so what should i see.

Thanks
LVL 1
NetexpertsAsked:
Who is Participating?
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
Yes - you cannot use a self-signed certificate with Exchange 2007 if you want to use Outlook Anywhere - you should buy a 3rd Party SSL certificate and this should be a SAN / UCC type:
http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx
Extract (in case of link failure):
  • Expiration Date: The self-signed certificate expires 12 months after Exchange 2007 is installed. When the certificate expires, a new self-signed certificate must be manually generated by using the New-ExchangeCertificate cmdlet.
  • Outlook Anywhere: The self-signed certificate cannot be used with Outlook Anywhere. We recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party if you will be using Outlook Anywhere.
  • Exchange ActiveSync: The self-signed certificate cannot be used to encrypt communications between Microsoft Exchange ActiveSync devices and the Exchange server. We recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party for use with Exchange ActiveSync.
  • Outlook Web Access: Microsoft Outlook Web Access users will receive a prompt informing them that the certificate being used to help secure Outlook Web Access is not trusted. This error occurs because the certificate is not signed by an authority that the client trusts. Users will be able to ignore the prompt and use the self-signed certificate for Outlook Web Access. However, we recommend that you obtain a certificate from a Windows PKI or a trusted commercial third party.
Info about what names to include in an Exchange 2007 SSL Certificate:
http://blog.sembee.co.uk/archive/2008/05/30/78.aspx 
0
 
Alan HardistyCo-OwnerCommented:
There is nothing in RPC to see, so you should not be able to browse to it.
Outlook Anywhere should work pretty much out of the box as long as you have added the HTTP over RPC component which is not installed by default.
Please visit https://testexchangeconnectivity.com and run the Outlook Anywhere test and post back the results.
0
 
NetexpertsAuthor Commented:
Thanks alanhardisty,

I have already ran the test and all comes up passed except with :

Validating certificate trust
  Certificate trust validation failed
   Additional Details
  Certificate chain could not be built. You may be missing required intermediate certificates.  
 

I have been told that this is down to using a self signed certificate.
I keep getting the username prompt as though it's connecting but it then disappears and then pops back up.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
NetexpertsAuthor Commented:
So is this the reason it won't work, because i have a self-signed certificate ? could i just turn off SSL ?
0
 
Alan HardistyCo-OwnerCommented:
I would imagine that you can turn off SSL, but then you are opening yourself up to a world of hurt by sending your passwords in plain text.
A GoDaddy SAN SSL certificate will cost you £56.40 for a 1 year - 5 name certificate.   that should not break your bank and will save you lots of hassle long term.
http://www.godaddy.com/gdshop/ssl/ssl.asp?ci=8979 
0
 
NetexpertsAuthor Commented:
Thanks
0
 
Alan HardistyCo-OwnerCommented:
No problems - if you get stuck anywhere - please come back.
Best wishes
Alan
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.