Announcement

Collapse
No announcement yet.

OWA Forms Login

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • OWA Forms Login

    I have enabled SSL and form based login for OWA 2003. It works great when tested on the local server. When I test the site on the windows xp laptop I go to https://server.domain.com/exchange and I get a certificate error in windows XP. I went to the certsrv and downloaded the certificate and xp shows that it is installed....I have been working 5 days on this and about to shoot myself....assistance PLEASE!!!!!!!!

  • #2
    Re: OWA Forms Login

    I am having a similar issue. OWA with a certificate generated by microsoft certificate authority internally works great within the domain. If i try to connect to OWA externally i get a certificate error, "The security certificate presented by this website was not issued by a trusted certificate authority." Any way to fix this? Much appreciated

    Comment


    • #3
      Re: OWA Forms Login

      Buy a certificate.
      If you use self generated certificates then you will always get an error. Self generated certificates are not designed for public facing systems like OWA, unless you have control over 100% of the machines accessing the server.

      You can get trusted SSL certificates for US$30/year from http://DomainsForExchange.net/

      Simon.
      --
      Simon Butler
      Exchange MVP

      Blog: http://blog.sembee.co.uk/
      More Exchange Content: http://exchange.sembee.info/
      Exchange Resources List: http://exbpa.com/
      In the UK? Hire me: http://www.sembee.co.uk/

      Sembee is a registered trademark, used here with permission.

      Comment


      • #4
        Re: OWA Forms Login

        Thank you, thats what i figured too is to go with a 3rd party certificate. Thank you

        Comment


        • #5
          Re: OWA Forms Login

          Originally posted by tkn View Post
          Thank you, thats what i figured too is to go with a 3rd party certificate. Thank you
          So when I buy a certificate, i install it on my exchange server right....not each one of my users has to buy a certificate correct?

          Comment


          • #6
            Re: OWA Forms Login

            Originally posted by tkn View Post
            I am having a similar issue. OWA with a certificate generated by microsoft certificate authority internally works great within the domain. If i try to connect to OWA externally i get a certificate error, "The security certificate presented by this website was not issued by a trusted certificate authority." Any way to fix this? Much appreciated

            I am more into paying 30 dollars myself and not all 122 users paying 30 each.

            Just can't help but ask,,,,what is the point of the certificate services then?

            Comment


            • #7
              Re: OWA Forms Login

              Originally posted by tkn View Post
              Thank you, thats what i figured too is to go with a 3rd party certificate. Thank you
              Hey fella....check this out

              http://www.sembee.co.uk/archive/2006/03/05/9.aspx

              Comment


              • #8
                Re: OWA Forms Login

                Do you have a certificate for Amazon?
                For ebay?
                For your bank or credit card?

                No.

                It is just the same. The certificate is for the server. You purchase a single certificate for the server. The client trusts that certificate because of who issued it.

                Simon.
                --
                Simon Butler
                Exchange MVP

                Blog: http://blog.sembee.co.uk/
                More Exchange Content: http://exchange.sembee.info/
                Exchange Resources List: http://exbpa.com/
                In the UK? Hire me: http://www.sembee.co.uk/

                Sembee is a registered trademark, used here with permission.

                Comment


                • #9
                  Re: OWA Forms Login

                  Hi,

                  If you dont want to buy a certificate then you can use free trial 30 days certificate from http://www.rapidssl.com/index_ssl.htm

                  It will provide you a free SSL certificate for 30 days so every 30 days you need to generate a certificate request.

                  This is not permanent solution but you can use it for while.
                  MCITP - MCTS - MCSE

                  Comment


                  • #10
                    Re: OWA Forms Login

                    GoDaddy is a good, cheap (around $30 a year) place for certificates and they provide instructions on how to initiate a certificate request from your server and install it once it has been keyed.

                    Comment


                    • #11
                      Re: OWA Forms Login

                      First problem could be: Certificate issued to different DNS Name

                      On your local network you do not connect to https://webmail.company.com/exchange, but to https://localserver.lan/exchange.
                      The certificate is issued to webmail.company.com, and the IE recognizes that you connect to a different URL within the local network, and prompts for a wrong certificat, which is correct. It will work from outside without the error, but not from inside your network.

                      Second Problem: Certification authority

                      You need to install the root certificate of your local CA in the webbrowser.
                      Go to Internet Options -> Content -> Certificates and import the root CA of your local certification authority to the "Trusted Root Certification Authorities".
                      You do not need to install the certificate issued to the website on any client, because the local CA is known by the browser now as trusted.
                      If you want to roll out the CA in your local domain, you can use GPO to do so, but make sure to place the certificate in the Trusted Root Certification store.

                      Cheers
                      Marc

                      Comment


                      • #12
                        Re: OWA Forms Login

                        A solution is to use the SelfSSL tool from the IIS Resource Kit. It is FREE !!

                        type the following command (taking into account switch options):
                        selfssl /N:CN=localhost,CN=server.domain.tld /K:1024 /V:730 /S:1 /P:443



                        Comment


                        • #13
                          Re: OWA Forms Login

                          I would hardly call self SSL a solution.
                          Use it from another machine without the certificate installed and you will get SSL prompts. You really do not want any SSL prompts when accessing a site, as exposes your users to a man in the middle attack.

                          Simon.
                          --
                          Simon Butler
                          Exchange MVP

                          Blog: http://blog.sembee.co.uk/
                          More Exchange Content: http://exchange.sembee.info/
                          Exchange Resources List: http://exbpa.com/
                          In the UK? Hire me: http://www.sembee.co.uk/

                          Sembee is a registered trademark, used here with permission.

                          Comment

                          Working...
                          X