<div>
Are you referring to the cookies for Outlook Web Access? If so, by default Outlook Web Access is SSL-only anyway so this will already be happening unless you've specifically enabled OWA on standard HTTP.
</div>


Are you referring to the cookies for Outlook Web Access? If so, by default Outlook Web Access is SSL-only anyway so this will already be happening unless you've specifically enabled OWA on standard HTTP.

<div>
HI BlueCompute,<br />
<br />
Thanks for your response.<br />
<br />
our customer received below advise form it audit, can you please explain what it means,<br />
<br />
Missing Secure Attribute in Encrypted Session (SSL) Cookie:<br />
it is best business practice that any cookies that sent over (Set-cookie) an ssl connection to explicitly state secure on them<br />
<br />
Thanks
</div>


HI BlueCompute,

Thanks for your response.

our customer received below advise form it audit, can you please explain what it means,

Missing Secure Attribute in Encrypted Session (SSL) Cookie:
it is best business practice that any cookies that sent over (Set-cookie) an ssl connection to explicitly state secure on them

Thanks

<div>
<div class="content wysiwyg-content">
Dear Experts,<br />
<br />
we have Exchange 2010 SP2 running on server 2008R2,<br />
<br />
How can you ensure that all cookies &nbsp;are sent only on SSL-secured connection, if not how to force ssl on it.<br />
<br />
Thanks
</div>
</div>


Dear Experts,

we have Exchange 2010 SP2 running on server 2008R2,

How can you ensure that all cookies  are sent only on SSL-secured connection, if not how to force ssl on it.

Thanks

Exchange 2010 cookie

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.