?
Solved

HTTPS on OWA not working.

Posted on 2010-08-13
11
Medium Priority
?
3,364 Views
Last Modified: 2012-05-10
Hi,

I have a client running Server 2008, Exchange 2007, IIS.
I they were able (until recently) to connect to OWA by https://mail.domain.com/owa.
Then it suddenly stopped working. I get an error The web page at https://mail.xxxx.org.uk/owa might be temporarily down or it may have moved permanently to a new web address.
If I turn of SSL I can connect happily via just http. If I turn on SSL it gives me the error. I have checked IP/DNS at ISP and it's OK and resolves to the IP address. I can connect using http://IPAddress/OWA and http://mail.xxx.org.uk/owa so assume it cant be to do with the routing/DNS.
I checked IIS and HTTPS is allowed and run a port scan externally to make sure HTTPS was allowed through the firewall..all tests passed.
If I enable SSL all stops working on OWA even from within IIS where it gives you the option to browse.
I assume it cant me the certificate if I am not getting error messages on the local LAN with outlook??

Any help to shed light on this would be greatly appreciated.
0
Comment
Question by:ritltd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +3
11 Comments
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33427624
Are you sure that 443 is going to the Exchange server and not just the router?

Can you get to it internally if you type myexchangeserver.internal.lan.ip/owa? (replace the words for numbers)

Is the site definitely published on 443?  Are there are any other websites on the box that are using 443?

Go into IIS and stop all websites apart from the one you need, check the port bindings in IIS, restart IIS and then try and get to it locally on the server.

if this doesn't work, you can reset the virtual directories by looking here :-
http://social.technet.microsoft.com/Forums/en-US/exchangesvrgeneral/thread/32f5654b-7f9d-4043-a126-de8057818438
0
 
LVL 1

Expert Comment

by:leejohn83
ID: 33427676
when you connected to exchange using this URL https://mail.domain.com/owa , I assume that you are connecting directly to the server bypassing your firewall. Please check your firewall policy manager. Please allow your firewall to accept connection using SSL port 443.
0
 

Author Comment

by:ritltd
ID: 33427817
I have checked the router and 443 is definitely going to the server.
I cannot connect even internally to HTTPS only HTTP if I disable SSL.

New to IIS so can you tell me how I go about checking the Bindings??
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 11

Expert Comment

by:Coast-IT
ID: 33428010
open up IIS

Select a site in the tree view and click Bindings in the Actions pane.

This brings up the bindings editor which shows you which ports are bound to the site.
0
 
LVL 5

Expert Comment

by:sosinc3
ID: 33428089
Sounds like something possibly is wrong with your certificate. Have you tried removing the certificate from the workstation first and reinstalling it? How about the server side?
0
 

Author Comment

by:ritltd
ID: 33428092
OK, I can only see Bindings when I am on the Default Web Site.
I have looked at this and it has both http and https
If I edit https the IP address says 'all unassigned' Port 443, Hostname is greyed out and SSL Certificate says not selected.
If I try to select Microsoft Exchange i get an error that says 'unable to find the existing binding to update'
If I view the certificate is says issued to : Server  Issues By: Server and Valid to 19/07/2011.
0
 
LVL 20

Expert Comment

by:Satya Pathak
ID: 33428374
First take a IIS backup after that you can try bellow steps.

First Remove the certificate using the IIS manager "select “Server Certificates” and take the “Remove” action"

Step 2.
1.Add SSL binding same as per your certificate.

After that Restart IIS and check it.

0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33428609
rittld > Is that a self signed cert or a UCC/SAN Cert
Did you install any updates through automatic update before OWA stopped working ?
0
 

Author Comment

by:ritltd
ID: 33429109
It is a self signed Cert there may well have been Windows updates applied.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33429153
can you check from add / remove programs with updates checked

Also you can check your windows update history
open IE > Go to windows update > click history on the left tab.

let me know the kbid for the windows update which might have caused this.
0
 

Accepted Solution

by:
ritltd earned 0 total points
ID: 33443947
Hi, Thanks all for your help. I found a good article which has resolved the situation.
Seems that SSL was OK for Exchange but had not been correctly applied to IIS.

http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question