We help IT Professionals succeed at work.
Get Started

Cas Proxying error.

duartelazaro asked
Last Modified: 2012-05-09
I´m having this error on my CAS, this is the scenario:

1 CAS, webmail.contoso.com (cas1.contoso.com);
2 mailbox server srv1.contoso.com & srv2.contosol.com

If i have a mailbox on srv1, then i can access the email via OWA, but if the mailbox on srv2, then i get this error:

Outlook Web Access is not currently available for the user mailbox that you are trying to access. If the problem continues, contact technical support for your organization and tell them the following: Outlook Web Access could not establish a Secure Sockets Layer (SSL) connection to the Microsoft Exchange Client Access server that should be used to access the mailbox.

Url: https://webmail.contoso.com:443/owa/ev.owa?oeh=1&ns=HttpProxy&ev=ProxyRequest
User host address:
User: User
EX Address: /o=Contoso/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=xxxx
SMTP Address: user@contoso.com
OWA version: 8.1.359.2
Second CAS for proxy: https://srv2.contoso.com/owa

Exception type: Microsoft.Exchange.Clients.Owa.Core.OwaProxyException
Exception message: The CAS server is most likely not configured for SSL (it returned a 403)

Call stack

No callstack available


on the Cas server i view this errors on eventvwr:

Event Type:      Error
Event Source:      MSExchange OWA
Event Category:      Proxy
Event ID:      42
Date:            12-04-2010
Time:            8:54:44
User:            N/A
Computer:      cas
Microsoft Exchange Client Access server "https://webmail.contoso.com/owa" attempted to proxy Outlook Web Access traffic to Client Access server "https://srv2.contoso.com/owa". This failed because one of these configuration problems was encountered:

1. "https://srv2.contoso.com/owa" has been set to use "http://" (not using SSL) instead of "https://" (using SSL). You can modify this by setting the InternalUrl parameter of the Outlook Web Access virtual directory this proxy traffic is going to. You can set that parameter using the Set-OwaVirtualDirectory cmdlet in the Exchange Management Shell.

2. The destination virtual directory returned an HTTP 403 error code. This usually means it is not configured to accept SSL access. You can change this configuration by using Internet Services Manager on the Client Access server "https://srv2.contoso.com/owa".

If you do not want this proxy connection to use SSL, you need to set the registry key "AllowProxyingWithoutSSL" on this Client Access server and set the InternalUrl and SSL settings for the Outlook Web Access virtual directory this proxy traffic is going to accordingly.      

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

i have https, configured on the srv2.contoso.com;
i have https, configured on iis on the server srv2.contoso.com.

Any more ideias?

Watch Question
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE