No announcement yet.

Problems enabling SSL on OWA

  • Filter
  • Time
  • Show
Clear All
new posts

  • Problems enabling SSL on OWA

    Thanks so much, Daniel, for the wonderful content on this site. I have been working through configuring SSL for my OWA server, following the directions given on here: as well as the related articles.

    I am running into a problem when I try to verify that SSL is working. After enabling SSL for the Exchange virtual directory, I enter in the normal URL to access OWA, and I get the expected error stating that I need to use https. Upon entering the "s" into the URL, I immediately get a standard IE "The page cannot be displayed" error.

    I've investigated for awhile and I think my problem may be related to my Certificate. In the Certificate Authority MMC snap-in, I found the following in "Failed Requests":
    Request Status Code: The requested certificate template is not supported by this CA.
    Request Dispostion Message: Denied by Policy Module. The request was for a certificate template that is not supported by the Certificate Services policy: Webserver

    Additionally, I get Event ID #77, "The "Windows default" Policy Module logged the following warning: The WebServer Certificate Template could not be loaded. Element not found. 0x80070490 (WIN32: 116."

    I'm really not sure what all this means, or if I'm even looking in the right place. I would appreciate some guidance. Thanks so much.

  • #2
    I ran into something similar & if I remember correctly I had to re-request the certificate.

    Open IIS
    Expand the server
    Expand to the website (default website)
    Right click & select properties
    Select Directory Security
    At the bottom- select Certificate
    Select either new or replace certificate
    Follow Daniels' instructions on configuring the cert and save it

    Now open a browser and go to your certificate server webpage:


    Note the (s), log into the webpage
    Select create a request a certificate
    Select Advanced Certificate Request

    Select- "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file."

    Open, in Notepad, the cert request file you just created
    Copy EVERYTHING and paste it into the dialog box
    Select Webserver under the 'type of certificate'.
    Next- Save the certificate

    Go back to IIS and open the Properties of the default website (or your website)
    Go back to Directory Security and select Certificate
    Select Process the certificate request
    Browse to your saved certificate and install it.

    Then you should be able to select SSL from the website (Exchange/Exchangeweb/OMA, etc)

    I'm doing this from memory so be kind to an old network guy with no hair!

    Good Luck!


    • #3

      I have had simialr problems in getting the OWA to work and found out that unless SSL is totally 100% setup correctly, it wont work. As a start, download the SSL Diagnostics tool from microsoft and run it. if you've got a certificate problem, it will tell you. you can also right click the bad certificate and create a good one, however this has only 1 week life, try this and let me know if you can get it to work initially and then i'll tell you hthe next steps to create a good certificate ( 1 years worth) Its based on the published way, but it has a few gotchas.

      Last edited by Richie; 19th January 2011, 19:41.


      • #4
        Thanks for the responses! In the end, all I had to do was uninstall the CA, reinstall and reapply the certificate and all was good. I'm still perplexed as to what prevented it all from working the first time... another one for the MS mystery board, I guess.

        I have certainly learned a great deal trying to sort this all out, so I suppose that's a good thing!

        Thanks again!