cannot access OWA over https - Error Code 64: Host not available

Dear Experts,

Please help! I have an EBS system which has a management server (DC), an exchange 2007 server and a FTMG server.

A few weeks back I had an internal certificate expire on the exchange server so i created a new one  directly on the exchange server and completed the edge subscription etc.  All fine at this point.

Yesterday, i needed to reboot both the exchange and ISA servers and when they came back up, remote users using outlook (connected over https) complained that the exchange server was disconnected.

When i try to access OWA, i get the usual login screen, but when i enter the username and password, I get the message:  The page cannot be displayed, Explanation: The Web server connection was closed."

and at the bottom:
Error Code 64: Host not available
Background: The connection to the Web server was lost.

in the ISA logs i see:

Failed Connection Attempt ISASERVER1 12/10/2011 23:36:49
Log type: Web Proxy (Reverse)
Status: 64 The specified network name is no longer available.  
Rule: Microsoft Exchange Server Publishing: Outlook Web Access
Source: External (
Destination: Local Host (
Request: GET 
Filter information: Req ID: 22e20ce3; Compression: client=No, server=No, compress rate=0% decompress rate=0% ; FBA cookie: exists=yes, valid=yes, updated=no, logged off=no, client type=public, user activity=yes
Protocol: https
User: internaldomain\administrator
 Additional information
Client agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENGB)
Object source: Internet (Source is the Internet. Object was added to the cache.)
Cache info: 0x0
Processing time: 1 MIME type: -

Anyone any ideas whats going on here???

I have around 60 remote users without email and I would allocate more points if the system allowed!!!

thanks in advance.
Who is Participating?
sirakovConnect With a Mentor Commented:
Your new certificate is Self-Signed or from internal certification authority? The tmg must trust the CA
If in your Outlook Anywhere rule you specified either the (split DNS) or your local domain name, you should have the same name in your newly created certificate.
You could easy check the above when you try access OWA from the TMG on the address specified in your rule.
Wich domains were set in the old certificate ? > Get-ExchangeCertificate | fl
Shreedhar EtteCommented:
tech53Author Commented:
Thanks for your time.

Tried that article in the question above but still not working.
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

tech53Author Commented:
Also seeing this when i run the ISA BPA:

Forefront TMG was unable to establish an SSL connection with EXCH1. The specified network name is no longer available.
tech53Author Commented:
On the ISA server, I looked  at the rule for "Microsoft Exchange Outlook Anywhere and Terminal Services Gateway publishing rule (RPC over HTTPS)"  The external web listener displays the following message:

"The selected web listener is not configured with certificates matching one or more of the public names defined in this rule. Users may receive a warning when attempting to connect to a server published by this rule."

It is configured with a valid cert from comodo.  

Why would ISA report this?
tech53Author Commented:
scratch that. its because i'm using more than one name to access owa.
tech53Author Commented:
Well done!  In an EBS environment, the management server is the CA. I had to generate the cert req on the exchange server and have it issued by the management server. All sorted.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.