No announcement yet.

Redirecting to SSL for webmail/activesync

  • Filter
  • Time
  • Show
Clear All
new posts

  • Redirecting to SSL for webmail/activesync


    I have a subdomain set up for webmail and activesync connectios with SSL (ex. Users are directed to this domain for email access and it is working without issue. I have the subdomain set up that points to the same IP so that we are not black listed from other domains we send emails to; so they can verify that mail is coming from the correct IP. Well, users can also connect to for webmail and activesync and I want to prevent this or redirect them to the SSL subdomain. I can do this though my domain registry company, but will this affect anything else in a negastive way? Also, this will redirct webmail access, but I do not think that it will work for smartphones connecting through activesync. Is there another way (or better way) of doing this through exchange 2003? Thank you.

  • #2
    Re: Redirecting to SSL for webmail/activesync

    I have to ask, since it is the same IP, and ends up at the same virtual directory in IIS, why bother (SSL will work on both -- it is at the virtual directory level -- and I assume SSL is enforced)?

    Just tell users the devices should be configured to and if they call you saying they are having problems with tell them to reconfigure. You could tell a white lie and say the certificate only works with so using mail is a security risk
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: Redirecting to SSL for webmail/activesync

      To echo above, why bother?
      Anything you do in DNS is either not going to work, or break ActiveSync. ActiveSync cannot be redirected to another URL. It either connects to the URL entered or fails.

      Settle on a single URL, get the DNS and PTR to match and tell users to check their devices and correct if required. Then delete the other DNS entry.

      It would be possible to support both URLs on the same SSL certificate. You would need to use a Unified Communications certificate. Generate a new SSL request and then when you enter it in to the SSL provider, add the second host name as an additional one.

      Simon Butler
      Exchange MVP

      More Exchange Content:
      Exchange Resources List:
      In the UK? Hire me:

      Sembee is a registered trademark, used here with permission.