Web Server, Outlook Web Access, and SSL

Posted on 2013-10-27
Last Modified: 2013-10-28

This is my first time doing this so I want to make sure I do things right. Even though this is a site created for testing, it needs to be setup correctly and I want it to be setup like the industry standard.

I registered a domain and it has a static IP address. I setup three servers running Windows Server 2012. One is AD. The second one hosts IIS and a default web page. The third server is running Exchange 2013.

My firewall is setup to forward port 80 to the web server, and port 25 is forwarded to the Exchange 2013 server. Also, port 443 is forwarded to the Exchange Server.

I setup Exchange 2013 and it is working. I can send messages to the outside world. I can also receive messages from the Internet.

For now, I have to enter when I want to get to my default web page. I have to enter when I want to get to Outlook Web Access.

When I go to OWA, I am warned about my certificate.

My eventual goal for this test domain is that I want to be able to eventually connect to my Exchange 2013 server with Outlook 2013 using RPC over HTTPS, and I want this domain to be configured like and behave like what people usually do when they setup an IIS server for their web page and a separate server for their Exchange Server.

What is the next thing I need to do so that I can finalize this domain so that I can reach my goal of setting up Outlook with RPC over HTTPS? Is the next step an SSL certificate? Please advise.

Question by:jhieb

Accepted Solution

Satish Auti earned 167 total points
ID: 39604827
Yes if you dont have any certificate then create it. or go for third party .
LVL 11

Assisted Solution

by:Sanjay Santoki
Sanjay Santoki earned 167 total points
ID: 39605848

First of all you have to configure dummy autodiscover virtual directory on your web server which redirect to your exchange server when someone try with HTTP to HTTPS://owaURL. This will take care of autodiscovery.

As far as certificate warning is concerned; make sure that all the FQDNs used by Exchange service is added a subject alternative names. Also, You have to add local CA root certificate in trusted root certificate store on client computer in case you are using self-signed certificate.

Sanjay Santoki

Author Comment

ID: 39606028
I am getting a bit confused by all the choices within the technical links. Even ExchangeGURU's links have different examples for the same thing. It is too bad there is not a step by step list of instructions on how to do everything I need to do.

Right now, I am struggling with getting the URL's situated. I am not that great with DNS so that doesn't help. I am setup like this:

My firewall is setup to forward port 80 to the web server, and port 25 is forwarded to the Exchange 2013 server. Also, port 443 is forwarded to the Exchange Server.

At my ISP, I have a three A records and they all point to the same IP address:


My Exchange server name is: ECTSRV01

Are there any other A records that I need to setup for Outlook Anywhere and/or for OWA?

Once the DNS settings are correct, is the next step to setup a certificate or the Configure URLS section of the technical notes? I think it is the configure URLS section. So, what should my URLs be for: ??

Servers/Outlook Anywhere

1. Specify the external host name such as that users will use to connect to your organization? =

2. Specify the internal host name such as that users will use to connect to your organization: =

3. Specify the authentication method for external clients to use when connecting to your organization: =

Servers/Virtual Directories
Should I change anything here?

LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 166 total points
ID: 39606087
Is your external DNS able to support SRV records?
If so, then configure an Autodiscover SRV record thus:

Then get a free single name SSL certificate from

Do ensure that doesn't resolve anywhere.


Author Closing Comment

ID: 39607296
Thanks for the help.

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OfficeMate Freezes on login or does not load after login credentials are input.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now