RPC/HTTPS on Exchange 2010 not working

Hello,

I just get a new customer :-)
I have to set up on his Exchange 2010 SP1 the RPC/HTTPS feature.

A lot of things were not correctly configured. I solved almost everything, but the RPC/HTTPS don't work.

I guess i fix the self signed certificate issu because when i go on the OWA page, it doesn't ask me for a confirmation anymore. :-)

So here the story :
OWA is Ok
Sync with Iphone Ok !
RPC/HTTPS not Ok

When i try to do it on my personnal computer at home, it's not working... but i don't have any error message on the server logs and on the client logs.

outlook just say to me that i need to be connected to the server to work.

Please help me :-)
winnidouxAsked:
Who is Participating?
 
davorinCommented:
Hi,

I don't use self signed cert on any of exchange 2007/2010 installations. At least I don't recall. For SBS installations I'm not sure.

For testing OA connectivity problems you can use https://www.testexchangeconnectivity.com/
But I guess you are familiar with it.

When using non-domain computer to connect over OA before trying to check username you must configure exchange proxy settings.
The procedure is specified here:
http://techwithjim.blogspot.com/2010/12/exchange-outlook-2007-outlook-anywhere.html
It also says, that OA is working using self signed cert, but right now I can not verify that.
0
 
davorinCommented:
Outlook anywhere does not work with self signed certificate.

http://exchangepedia.com/2007/08/outlook-anywhere-and-exchanges-self-signed-certificate.html

You need to buy a SAN certificate or if you have an option to use some other certificate authority to create one. The certificate auth. cert. and server cert should be trusted on client computers.
0
 
winnidouxAuthor Commented:
Hello Davorin

Is it a joke ?? :-)

I have maybe 90 customers server with self signed certificate and all of them working with RPC/HTTPS without any pb
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
winnidouxAuthor Commented:
Hello again,

Of course we install the certificate on all our computers :-)
0
 
winnidouxAuthor Commented:
thank you for the https://www.testexchangeconnectivity.com/ link
I didn't use for a long time. I forgot it.

I try and tell you

Thanks
0
 
Simon Butler (Sembee)ConsultantCommented:
The self signed certificate is not supported by Microsoft for use with Outlook Anywhere. The self signed certificate should be considered a place holder for a real certificate. While you can make it work, it isn't worth the hassle - the certificate expires and you have to touch every client. When you can purchase a suitable trusted certificate for $60/year, it is just a better choice, and more professional, to use a signed certificate.

Simon.
0
 
winnidouxAuthor Commented:
Hello,

Here the question in not what is the better certificate.. To pay or not to pay.... My client don't want to pay for that.
Now i have to make it works...

For me the self signed certificate is ok... Who can help me to solve this

Thanks
0
 
Simon Butler (Sembee)ConsultantCommented:
The point is - the self signed certificate is not supported for use with Outlook Anywhere.
As I wrote above, how much is your time worth?

Simon.
0
 
winnidouxAuthor Commented:
Hello Simon,

I don't understand what you mean by not supported...
We have plenty of server working like that very well.

Not supported by whom ? Microsoft ? Maybe... But i need to find a solution anyway

Thanks
0
 
Simon Butler (Sembee)ConsultantCommented:
The fact that you have it working on other servers doesn't mean it is a good idea.
This is Microsoft's stance on the self signed certificate:
http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx - it also applies to Exchange 2010.

Obviously neither you nor the client are getting my point about how much your time is worth, mine is worth a lot more, so I will drop off the question now.

(Basic maths - my time is worth about three times the cost of the SSL certificate per hour, therefore it is more efficient to spend 15 minutes putting in a commercial SSL certificate for $60/year, than spending hours visiting every client to install the self signed certificate, troubleshotting it, repeating the process when a new client is added to the network and generally making lots of work).

Simon.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.