Securing OWA over HTTPS

I have a server 2003 with exchange 2003.

I would like to setup OWA for Users to access over Internet with HTTPS. I do not have a SSL certain so want to know from scratch what needs to happen.
LVL 6
FlippAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nsonbatyCommented:
use this link to configure owa with ssl
http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html

and this link for HTTPS

http://support.microsoft.com/kb/839357
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ByteSleuthCommented:
Hello,

German Edition here:

http://www.msxfaq.de/clients/owa2003.htm

regards

BytesSleuth
0
Leon FesterSenior Solutions ArchitectCommented:
You will need a SSL Certificate to setup OWA over HTTPS.
However you don't need neccessarily buy a certificate.
You can use Microsoft's SelfCert utility or if you've got access to your Certificate Server on your domain then you can sign your own certificates. Just do the certificate request and exported it to a file.
Then access your Certificate Server via a browser and sign it yourself.

For the rest of the setup, look at the tutorial above.
Please note: You will still need to publish OWA via firewall like ISA or Forefront to make it safe on the WWW.
0
FlippAuthor Commented:
When you say "publish", I am assuming you just mean to open a port?

Also, when it comes to any use of things like RWW or OWA over HTTPS using a self-signed certificate, I am assuming that this is safe through encryption - right?

Also, if I am comparing a third-party cert to a self-signed, then the only advantage that a third-party cert has is that it does not need to be distributed before use? I would of thought that if my Server has Certificate Services installed, then it could distribute over the Internet?
0
Alan HardistyCo-OwnerCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.