Announcement

Collapse
No announcement yet.

Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

    I followed this tutorial made by Henrik Walther on how to enable SSL on my exchange 2k3 OWA using my own CA. http://www.msexchange.org/tutorials/..._OWA_2003.html.

    I made it work fine internally with or without SSL, but when i access my OWA on the internet with SSL enable in IIS it returned an error "connection timed out". When i disable the SSL option under Sercure Communications through IIS on my exchange server, i can access my owa without errors.

    My ISA Server is configured to publish my OWA http. I believe there is an additional configurations to be done on my ISA as there is an option under my web listener to use both HTTP and HTTPS which in my case the HTTPS is not checked.

    Thanks

  • #2
    Re: Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

    Try this article,
    it is written for Exchange 2007, but it goes into great detail about the web listener/publishing so hopefully should be of some help.



    http://www.isaserver.org/tutorials/P...all-Part1.html

    Comment


    • #3
      Re: Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

      @hazey

      Skimmed through that but i didn't find any useful information there to help me on my problem. thanks


      Well anyway, i tried to export my SSL Certificate in my IIS 6.0 and import it on my ISA's CA and got an error. Upon validating my certificate it say's it was revoked by my certificate authority, so it's not a valid certificate to be attach on my publish OWA. What does that mean?

      Comment


      • #4
        Re: Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

        You wrote you imported your internal OWA certificate to your "ISA's CA", does this mean your ISA server runs his own certificate authority?

        If so, just import the internal OWA certificate to the certificate store of the ISA server together with the certificate of the internal CA into the Trustworthy Root-CAs.

        If this all is not the case, you have to more specifical in your configuration and the steps you have done.

        Comment


        • #5
          Re: Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

          Sounds to me like you've got a bridging issue, which is one of the tabs in the rule on the ISA Server.

          You CAN publish using SSL over the internet and then use HTTP bridging between the ISA Server and the Exchange server. I would however recommend that you do not do this and use SSL between the Exchange Server and the ISA Server. In this case you must make sure that the Exchange Server has a web server certificate corresponding to the name that the requests are being generated for. This name is normally the externally resolvable name for OWA (E.g. webmail.domain.com) and the ISA Server would have a hosts file entry mapping the internal IP address to webmail.domain.com
          BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
          sigpic
          Cruachan's Blog

          Comment


          • #6
            Re: Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

            got it fix and working. a simple recreating the certificate on the CA(exchange server) solves the problem.

            @FischFra
            yup thats what i did. I export the cert from IIS including the key and import it to ISA Certifications(Personal). Good thing i got the same domain name internally and externally, else that would be a hell to publish OWA with SSL on my ISA, just wondering how would that go. LOL.

            anyway thanks again for the help everyone

            Comment


            • #7
              Re: Publishing Exchange 2003 OWA with SSL certificate in ISA Server 2006

              Originally posted by cruachan View Post
              Sounds to me like you've got a bridging issue, which is one of the tabs in the rule on the ISA Server.

              You CAN publish using SSL over the internet and then use HTTP bridging between the ISA Server and the Exchange server. I would however recommend that you do not do this and use SSL between the Exchange Server and the ISA Server. In this case you must make sure that the Exchange Server has a web server certificate corresponding to the name that the requests are being generated for. This name is normally the externally resolvable name for OWA (E.g. webmail.domain.com) and the ISA Server would have a hosts file entry mapping the internal IP address to webmail.domain.com
              yep.... thats how it goes thanks

              Comment

              Working...
              X