Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange 2010 OWA Attachview secure access issue

Posted on 2013-06-27
5
Medium Priority
?
844 Views
Last Modified: 2013-07-09
We have a Exchange 2010 environment and use OWA for external access. To secure attachments we use Messageware Attachview which converts attachments to be viewed over the web without the file being downloaded.

Our ISA sever (Microsoft ISA 2000 unfortunately) is configured to only allow SSL traffic for OWA, which all works fine, except for when an attachment is viewed and the request is attempted over http and not https. This causes the ISA server to reject the request as it is not using SSL. if we disable the requirement for SSL then this works, but then owa can be viewed over non secure channels.

I believe the problem is that the ISA server is also offloading the SSL so requests to exchange are coming in over non-secure channels. my thinking is that the attachview link being provided is non-secure as the request is coming in over non secure channels due to the ISA offloading the SSL.

I have configured the external URL for OWA to be the https external url but this is still not working.

Does anyone have any ideas as to why this is the case?
0
Comment
Question by:bankhall
  • 3
  • 2
5 Comments
 
LVL 11

Assisted Solution

by:Sanjay Santoki
Sanjay Santoki earned 600 total points
ID: 39283837
Hello,

I would recommend you to disable SSL requirement on ISA as well as website server and put URL rewrite rule to rewrite all non HTTPS request to HTTPS request. Alternatively you can achieve it by creating by dummy website on TCP 80 with OWA URL host headers and redirect request to https://FQDN/OWA

You can achieve it using URL Rewrite module of Microsoft.

Regards,
Sanjay Santoki
0
 

Author Comment

by:bankhall
ID: 39289516
Thanks very much for the response - I'll have a look in to both options and see what suits best and let you know the outcome.
0
 
LVL 11

Expert Comment

by:Sanjay Santoki
ID: 39289687
Hello,

Good Day!

Do let me know if you required further assistance from my side...

Regards,
Sanjay Santoki
0
 

Accepted Solution

by:
bankhall earned 0 total points
ID: 39299712
My colleague picked this up for me and discovered that by assigning the same certificate to the exchange server (on a new IP so not to conflict with other services using previous certificate) that was assigned to the website on the ISA server, allowed the connection via HTTPS and fixed the issue.

We effectively created new listening rules on ISA (as if setting up a new site), gave exchange a new IP, and used a new URL for the website, all with the same externally trusted certificate.

Unfortunately this meant I couldn't test your advice to see if this would fix it also, but I appreciate the help in getting to the final solution!
0
 

Author Closing Comment

by:bankhall
ID: 39309769
Solution achived by setting up new site alongside existing one with same certificate on ISA and exchange, as per post above
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question