Solved

Web Server, Outlook Web Access, and SSL

Posted on 2013-10-27
6
632 Views
Last Modified: 2013-10-28
Hello,

This is my first time doing this so I want to make sure I do things right. Even though this is a site created for testing, it needs to be setup correctly and I want it to be setup like the industry standard.

I registered a domain and it has a static IP address. I setup three servers running Windows Server 2012. One is AD. The second one hosts IIS and a default web page. The third server is running Exchange 2013.

My firewall is setup to forward port 80 to the web server, and port 25 is forwarded to the Exchange 2013 server. Also, port 443 is forwarded to the Exchange Server.

I setup Exchange 2013 and it is working. I can send messages to the outside world. I can also receive messages from the Internet.

For now, I have to enter http://www.hiddencompanyname.com when I want to get to my default web page. I have to enter https://hiddencompany.com/owa when I want to get to Outlook Web Access.

When I go to OWA, I am warned about my certificate.

My eventual goal for this test domain is that I want to be able to eventually connect to my Exchange 2013 server with Outlook 2013 using RPC over HTTPS, and I want this domain to be configured like and behave like what people usually do when they setup an IIS server for their web page and a separate server for their Exchange Server.

What is the next thing I need to do so that I can finalize this domain so that I can reach my goal of setting up Outlook with RPC over HTTPS? Is the next step an SSL certificate? Please advise.

Thanks,
John
0
Comment
Question by:jhieb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Accepted Solution

by:
Satish Auti earned 167 total points
ID: 39604827
Yes if you dont have any certificate then create it. or go for third party .
0
 
LVL 11

Assisted Solution

by:Sanjay Santoki
Sanjay Santoki earned 167 total points
ID: 39605848
Hello,

First of all you have to configure dummy autodiscover virtual directory on your web server which redirect to your exchange server when someone try with HTTP to HTTPS://owaURL. This will take care of autodiscovery.

As far as certificate warning is concerned; make sure that all the FQDNs used by Exchange service is added a subject alternative names. Also, You have to add local CA root certificate in trusted root certificate store on client computer in case you are using self-signed certificate.

Regards,
Sanjay Santoki
0
 
LVL 1

Author Comment

by:jhieb
ID: 39606028
I am getting a bit confused by all the choices within the technical links. Even ExchangeGURU's links have different examples for the same thing. It is too bad there is not a step by step list of instructions on how to do everything I need to do.

Right now, I am struggling with getting the URL's situated. I am not that great with DNS so that doesn't help. I am setup like this:

My firewall is setup to forward port 80 to the web server, and port 25 is forwarded to the Exchange 2013 server. Also, port 443 is forwarded to the Exchange Server.

At my ISP, I have a three A records and they all point to the same IP address:

@
Mail
SMTP

My Exchange server name is: ECTSRV01

Are there any other A records that I need to setup for Outlook Anywhere and/or for OWA?

Once the DNS settings are correct, is the next step to setup a certificate or the Configure URLS section of the technical notes? I think it is the configure URLS section. So, what should my URLs be for: ??

Servers/Outlook Anywhere

1. Specify the external host name such as conosto.com that users will use to connect to your organization? =

2. Specify the internal host name such as contoso.com that users will use to connect to your organization: =

3. Specify the authentication method for external clients to use when connecting to your organization: =

Servers/Virtual Directories
Should I change anything here?

Thanks,
John
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 166 total points
ID: 39606087
Is your external DNS able to support SRV records?
If so, then configure an Autodiscover SRV record thus:
http://semb.ee/srv

Then get a free single name SSL certificate from StartSSL.com

Do ensure that Autodiscover.example.com doesn't resolve anywhere.

Simon.
0
 
LVL 1

Author Closing Comment

by:jhieb
ID: 39607296
Thanks for the help.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question