How to setup RPC over HTTP in Exch 2K3?

Due to the increasing demand, I have to setup RPC over http on my exchange server. There is only a single exch 2k3 server, 2 DCs also acting as global catalog servers, in my environment. How to set it up? The exchange server is using exchange 2k3 with sp2. I heard that some settings have to be done of the DCs, is this right?

thanks,
LVL 1
MichaelBalackAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MichaelBalackAuthor Commented:
Hi Djsharma,

I don't have certicate and my management do not intend to use the ms certificate authority. Can i setup a rpc over http (instead of https) and how?
0
Simon Butler (Sembee)ConsultantCommented:
You need to use an SSL certificate. The feature doesn't work correctly without it.
As you are on Exchange 2003, if they refuse to purchase one then you could look at using a free Certificate from StartSSL - but without a certificate I wouldn't even waste your time in trying to get it work. I actually refuse to work with clients who will not use an SSL certificate because I can buy a trusted SSL certificate for less than the time I would charge to get the HTTP only to work.

A certificate that more widely trusted than the StartSSL ones can be had for about $30, less if you look around.

Simon.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

David Paris VicenteSystems and Comunications  Administrator Commented:
You can install a Certification Authoraty on your infra structure and generate a certificate for your exchange server.

So with this you dont have to buy an outside certificate.

This is a cheap solution. And if you have a ISA server at your perimeter network you will need the certificate.

Regards
0
MichaelBalackAuthor Commented:
Hi Simbee2,

Now then I know that there is a MS CA being setup, and OWA is using it. I browsed through the certificate that assigned to the OWA and found that it is just expired. I wish I can renew it, but the CA is not working - CA service failed to start. Can I use the this expired cert for the rpc over HTTPS?
0
David Paris VicenteSystems and Comunications  Administrator Commented:
The certificate will be the same for the OWA and for the active sync. If I´m not wrong.

The certificate is installed on the IIS server, the same server that has the Exchange.

So you just have to enable active sync.

Sorry i didn´t see that you dont want to use a certificate on the post above, bad choice in my opinion.
0
MichaelBalackAuthor Commented:
Hi all,

I followed the links as suggested by Djsharma. Now whenever I open the outlook, the rpc over https failed with the following error message:

   There is a problem with the proxy server's security certificate

   Outlook is unable to connect to the proxy server <smtp.abc.com>
  (error code 20)

Could it be the certificate is expired or CA can't be recognized? or else?
0
Simon Butler (Sembee)ConsultantCommented:
If the certificate has expired, RPC over HTTPS will not connect.
If the client doesn't trust the certificate, RPC over HTTPS will not connect
If the name on the certificate is different to what is in the client, RPC over HTTPS will not connect.

Everything has to be spot on for it to connect correctly. The most successful methods use a commercial trusted SSL certificate, not one that has been generated internally (by any means). I certainly wouldn't recommend using an internal CA to generate an SSL certificate for OWA - I don't think it is a good idea to tell users to ignore SSL warnings.

Simon.
0
Seth SimmonsSr. Systems AdministratorCommented:
seems the certificate is expired (error code 20)

http://support.microsoft.com/kb/923575

FLAG_CERT_DATE_INVALID      0x00000020
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MichaelBalackAuthor Commented:
It works
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.