How to setup RPC over HTTP in Exch 2K3?

Due to the increasing demand, I have to setup RPC over http on my exchange server. There is only a single exch 2k3 server, 2 DCs also acting as global catalog servers, in my environment. How to set it up? The exchange server is using exchange 2k3 with sp2. I heard that some settings have to be done of the DCs, is this right?

Who is Participating?
Seth SimmonsConnect With a Mentor Sr. Systems AdministratorCommented:
seems the certificate is expired (error code 20)

FLAG_CERT_DATE_INVALID      0x00000020
MichaelBalackAuthor Commented:
Hi Djsharma,

I don't have certicate and my management do not intend to use the ms certificate authority. Can i setup a rpc over http (instead of https) and how?
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Simon Butler (Sembee)ConsultantCommented:
You need to use an SSL certificate. The feature doesn't work correctly without it.
As you are on Exchange 2003, if they refuse to purchase one then you could look at using a free Certificate from StartSSL - but without a certificate I wouldn't even waste your time in trying to get it work. I actually refuse to work with clients who will not use an SSL certificate because I can buy a trusted SSL certificate for less than the time I would charge to get the HTTP only to work.

A certificate that more widely trusted than the StartSSL ones can be had for about $30, less if you look around.

David Paris VicenteSystems and Comunications  Administrator Commented:
You can install a Certification Authoraty on your infra structure and generate a certificate for your exchange server.

So with this you dont have to buy an outside certificate.

This is a cheap solution. And if you have a ISA server at your perimeter network you will need the certificate.

MichaelBalackAuthor Commented:
Hi Simbee2,

Now then I know that there is a MS CA being setup, and OWA is using it. I browsed through the certificate that assigned to the OWA and found that it is just expired. I wish I can renew it, but the CA is not working - CA service failed to start. Can I use the this expired cert for the rpc over HTTPS?
David Paris VicenteSystems and Comunications  Administrator Commented:
The certificate will be the same for the OWA and for the active sync. If I´m not wrong.

The certificate is installed on the IIS server, the same server that has the Exchange.

So you just have to enable active sync.

Sorry i didn´t see that you dont want to use a certificate on the post above, bad choice in my opinion.
MichaelBalackAuthor Commented:
Hi all,

I followed the links as suggested by Djsharma. Now whenever I open the outlook, the rpc over https failed with the following error message:

   There is a problem with the proxy server's security certificate

   Outlook is unable to connect to the proxy server <>
  (error code 20)

Could it be the certificate is expired or CA can't be recognized? or else?
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
If the certificate has expired, RPC over HTTPS will not connect.
If the client doesn't trust the certificate, RPC over HTTPS will not connect
If the name on the certificate is different to what is in the client, RPC over HTTPS will not connect.

Everything has to be spot on for it to connect correctly. The most successful methods use a commercial trusted SSL certificate, not one that has been generated internally (by any means). I certainly wouldn't recommend using an internal CA to generate an SSL certificate for OWA - I don't think it is a good idea to tell users to ignore SSL warnings.

MichaelBalackAuthor Commented:
It works
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.