Avatar of jet-info
jet-info
Flag for Switzerland asked on

Exchange 2007 on SBS 2008 OWA and Outlook anywhere issue : ASA temporary certificate

Hi Experts,

We encounter a certificate error on one SBS 2008 server. It is impossible to connect to OWA from the outside  (cert error and redirected to the "+CSCOE+/wrong_url.html" Wrong URL page) or with Outlook anywhere (proxy server's security problem)  since yesterday evening. We can connect to OWA from the inside, the certificate is alright then with the good subject name (domain.dyndns.biz) and is valid up to 2014.
 I checked the certificate from the outside, it is issued by  "ASA Temporary self Signed Certificate" to himself and is valid to 2023. The error message is about trust of the certificate that have to be installed in the trust root store...

The ASA temp cert seems to be created by the Cisco ASA of the customer, I can't find the way to remove it...

There are some errors in the certmgr.msc snap-in : AIA Location #2 , DeltaCRL Location #2 and CDP Location #2 are "Unable to Download", I don't know if it is linked.
With Android smartphones there is a authentication error but everything is fine with BB phones.

Any idea ?

Thank you in advance for your help !
CiscoSSL / HTTPSExchange

Avatar of undefined
Last Comment
jet-info

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
rauenpc

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
jet-info

ASKER
Thank you for your quick response !
I launched the command and re connected to ADSM with the right port to save the change in the flash.
When I want to create a NAT rule for https on the FTTH interface I still receive an error :
nat (inside,FTTH) static interface service tcp https https
       NAT unable to reserve ports.
I can create a NAT rule for https on the ADSL interface, which is the backup interface, without problem.

Any idea ?
jet-info

ASKER
Thank you for your help.

The problem occured after an update of the firmware on a Cisco Asa 5505...
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck