markhaase
asked on
Getting OWA to use a different port for SSL
Hi All!
Have an SBS 2003 server as part of a network in which Port 443 is already being used for an SSL certificate on another machine, for another purpose (and so is being port forwarded by the router)
Obviously when I try to setup OWA, the HTTPS requests are port forwarded to that other machine, and OWA doesn't connect. I SUPPOSE I could configure OWA to run without the SSL, but I'm not crazy about that plan.
So, I GUESS the best way to go would be to use a different port for the OWA SSL, but I have no idea how to proceed.
I recall in the past when installing GoDaddy SSL certs, one of the options is "what port to use", but then do I have to change the ports on all the Virtual Directories (under the default site) in the IIS Manager also?
Any guidance, thoughts, etc would be appreciated!
Thanks!
mark
Have an SBS 2003 server as part of a network in which Port 443 is already being used for an SSL certificate on another machine, for another purpose (and so is being port forwarded by the router)
Obviously when I try to setup OWA, the HTTPS requests are port forwarded to that other machine, and OWA doesn't connect. I SUPPOSE I could configure OWA to run without the SSL, but I'm not crazy about that plan.
So, I GUESS the best way to go would be to use a different port for the OWA SSL, but I have no idea how to proceed.
I recall in the past when installing GoDaddy SSL certs, one of the options is "what port to use", but then do I have to change the ports on all the Virtual Directories (under the default site) in the IIS Manager also?
Any guidance, thoughts, etc would be appreciated!
Thanks!
mark
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
aoakeley: Yes, unfortunately this router doesn't do translation. I like the additional IP address idea...as that would preserve the Outlook via HTTP ability, but I can't get that in time for when I need OWA to work.
Re: Users having to enter port -- I was thinking of having a "redirect page" on the HTTP page that would automatically send them to HTTPS://WEBMAIL.DOMAIN.COM:444. Thoughts?
aoakeley & Joking: Do I need to do anything special to/with the GoDaddy SSL cert to get it to work with the new port?
Thanks!
Re: Users having to enter port -- I was thinking of having a "redirect page" on the HTTP page that would automatically send them to HTTPS://WEBMAIL.DOMAIN.COM:444. Thoughts?
aoakeley & Joking: Do I need to do anything special to/with the GoDaddy SSL cert to get it to work with the new port?
Thanks!
no you do not need to do anything with the godaddy cert. As long as it is correctly assigned to the site it will work with the new port.
Yes a redirect on port 80 to redirect to https://server.com:444/ would be a good idea.
What model router is it?
Yes a redirect on port 80 to redirect to https://server.com:444/ would be a good idea.
What model router is it?
ASKER
It's a Netgear WNR1000 V2
Hmmm. OK, I set the SSL port on the default web page to 450. Now, if I go to:
http://127.0.0.1:450/exchange
from the server console, it works as expected. BUT (after forwarding port 450 to the machine), going to:
https://webmail.<domain>.com:450/exchange
from the outside world, lets me logon, but I never get any data in the OWA display. Where the list of emails should be, it continuously displays "Loading...". And if I select "Calendar", the basic framework displays, but I get an "Updating" icon, and none of the users actual calendar data shows up.
Any thoughts?
Hmmm. OK, I set the SSL port on the default web page to 450. Now, if I go to:
http://127.0.0.1:450/exchange
from the server console, it works as expected. BUT (after forwarding port 450 to the machine), going to:
https://webmail.<domain>.com:450/exchange
from the outside world, lets me logon, but I never get any data in the OWA display. Where the list of emails should be, it continuously displays "Loading...". And if I select "Calendar", the basic framework displays, but I get an "Updating" icon, and none of the users actual calendar data shows up.
Any thoughts?
ASKER
So it looks like Just changing the SSL port won't do it after all on an SBS. Looks llike Ill have to try replacing the router with one that does port translationn.
You have any preferences on a consumer grade (that means "cheap") model that does it? I have a couple of the old Linksys WRT54G's around here - but I forget if they'll do it.
Anyway....looks like bed time for me - gotta get a fresh look tomorrow. Thanks for your help
You have any preferences on a consumer grade (that means "cheap") model that does it? I have a couple of the old Linksys WRT54G's around here - but I forget if they'll do it.
Anyway....looks like bed time for me - gotta get a fresh look tomorrow. Thanks for your help
If the WRT54G does not do it out of the box, then flash it with www.dd-wrt.com then it will definately do it.
ASKER
Seems like port translating will be the easiest and least likely to break something in SBS, so since that was a suggestion of aoakeley, he gets the points. Thanks!
Juat an end note to this.... port translation will get you OWA, but ActiveSync and RPC over HTTP will both break. As they must use port 443. Getting additional Public IP addresses is probably the best solution
in Exchange 2003, just setting the port in IIS should be fine. Test internally before trying to port forward from the firewall - and remember your users will need to specify the port in the URL - but Outlook won't be able to use RPC over HTTP.