Announcement

Collapse
No announcement yet.

OWA and OAB no longer work after changes to incorporate SSL certificate

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • OWA and OAB no longer work after changes to incorporate SSL certificate

    My DC is MS Server 2003 and my Exchange server is MS Server 2008 with Exchange 2007.


    My internal domain is .int, I cannot secure the external version. I have set up split DNS so mail.domain.co.uk resolves internally to my mailserver. I can then purchase an SSL certificate with only. mail.domain.co.uk + autodiscover.domain.co.uk + mailserver.


    However now I have set this all up OWA and OAB do not work internally or externally. Here is what I have done.


    To resolve mail.domain.co.uk to my mailserver internally. In DNS I made a 'domain.co.uk' zone and put 'mail' in as a Host A. I have also had to create A records for www and all my subdomains forwarding to their external IPs.


    In Exchange 2007 I adjusted the CLIENT Receive Connector in Server configuration, Hub Transport to mail.domain.co.uk.


    Under Server Configuration > Client access > I changed all URLs to mail.domain.co.uk, keeping any text after the TLD. e.g. OWA Internal and External URL = https://mail.domain.co.uk/owa.


    I have also changed ClientAccessServer to https://mail.domain.co.uk/autodiscover/autodiscover.xml and WebServicesVirtualDirectory to https://mail.domain.co.uk/ews/exchange.asm.


    Any help would be much appreciated.

  • #2
    Re: OWA and OAB no longer work after changes to incorporate SSL certificate

    I've disabled SSL and now I am able to access OWA.
    I must have installed the certificates incorrectly.

    I have a go daddy SAN certificate comprising of:
    gd_iis_intermediates.p7b
    mail.domain.co.uk.crt

    What is the best way of clearing any mess I have made and installing them?

    Comment


    • #3
      Re: OWA and OAB no longer work after changes to incorporate SSL certificate

      Originally posted by Relentim View Post
      I've disabled SSL and now I am able to access OWA.
      I must have installed the certificates incorrectly.

      I have a go daddy SAN certificate comprising of:
      gd_iis_intermediates.p7b
      mail.domain.co.uk.crt

      What is the best way of clearing any mess I have made and installing them?
      Using SSL + OWA - what is the error you receive?
      OAB: When you say it doesnt work? Are you not able to get the Test-EmailAutoconfiguration to work or does it not download the OAB? please provide the error? Which version of Outlook you are using

      Check this out also:

      http://technet.microsoft.com/en-us/l...EXCHG.80).aspx
      http://support.microsoft.com/kb/940726/en-us - follow this to make sure internal and external URLs are set


      Now regarding the certificate installation:
      Could you please tell us what steps you took to import/enable the certificate?

      Have you checked the Binding on Default Web Site for port 443 and whether the Go daddy certificate is selected or not?

      Are you able to get to the Default Website atleast on SSL or not? https://mail.domain.co.uk - whats the output?

      Please let us know the above details and then we would be able to help you in a better way.

      Regards
      Jedi001
      Technical Director
      www.tecguruz.com
      Ex-Microsoft (Exchange Client & Server Infrastructure Team), MCSA, MCSE, MCITP, MCTS & ITIL Foundation certified

      Comment


      • #4
        Re: OWA and OAB no longer work after changes to incorporate SSL certificate

        Did you disable the certificate that GoDaddy state to do so? On Windows 2008 there is an additional certificate that causes problems which has to be disabled. It is in the instructions from GoDaddy.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment

        Working...
        X