OWA & SSL Not working

OWA & SSL Not working

Post by Stumpe » Fri, 15 Nov 2002 22:46:06



I had ex2k with owa up and running fine.  I then installed
certificate services and installed a certificate for
exchg.  Administrators can login over internet with win98
however not with win2k or xp.  The dialog pops up telling
them it's a secure connection however the logon box never
comes up.  Win98 non admin clients cannot login either.  
Does anyone have any idea what might be the problem?
 
 
 

OWA & SSL Not working

Post by Ed M » Sat, 16 Nov 2002 05:52:02


Did you install the certs on the IIS default website
(HTTP)for both the frontend and backend machines?  Have
you configured the HTTP protocol permissions by adding
the default domain, unchecked Intergrated Authentication,
and checked basic Authentication?  I would also verify
that the cert you installed from your Domain Controller
is actually trusted.

Ed M.

Quote:>-----Original Message-----
>I had ex2k with owa up and running fine.  I then
installed
>certificate services and installed a certificate for
>exchg.  Administrators can login over internet with
win98
>however not with win2k or xp.  The dialog pops up
telling
>them it's a secure connection however the logon box
never
>comes up.  Win98 non admin clients cannot login either.  
>Does anyone have any idea what might be the problem?
>.


 
 
 

OWA & SSL Not working

Post by Rich Matheisen [MVP » Sat, 16 Nov 2002 13:21:19



>Did you install the certs on the IIS default website
>(HTTP)for both the frontend and backend machines?  

Communication between the F-E and B-E is done with HTTP, not HTTPS. If
you require a secure connection between then you'll have to use IPSec.

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm

 
 
 

OWA & SSL Not working

Post by Rich Matheisen [MVP » Sun, 17 Nov 2002 12:37:06



>I know this is going to sound stupid...but what do you
>mean by front end and back end?  

I was replying to the person that asked about your using HTTPS on a
back-end server. A front-end server is (for the most part) a protocol
proxy. It simply passes packets between the client and a back-end
server. A back-end server is where the mailboxes and public folders
are.

Quote:>I have one server running
>exchange 2k

Then you have only a Back-end server.

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm

 
 
 

OWA & SSL Not working

Post by Mark » Mon, 18 Nov 2002 00:33:26


Ok, So with one server (Exchange, Root server in the tree,
and running IIS)can SSL be used to encrypt the data?  Or
do I have to configure another server and setup a front
end back end topology?  

If that is too much to answer my goal was to have a secure
OWA session, do you have another suggestion as how to do
this (so that users can get their mail from anywhere)?

>-----Original Message-----

>>I know this is going to sound stupid...but what do you
>>mean by front end and back end?  

>I was replying to the person that asked about your using
HTTPS on a
>back-end server. A front-end server is (for the most
part) a protocol
>proxy. It simply passes packets between the client and a
back-end
>server. A back-end server is where the mailboxes and
public folders
>are.

>>I have one server running
>>exchange 2k

>Then you have only a Back-end server.

>--
>Rich Matheisen
>MCSE+I, Exchange MVP
>MS Exchange FAQ at

http://www.swinc.com/resource/exch_faq.htm

- Show quoted text -

Quote:>.

 
 
 

OWA & SSL Not working

Post by Rich Matheisen [MVP » Mon, 18 Nov 2002 04:50:29



>Ok, So with one server (Exchange, Root server in the tree,
>and running IIS)can SSL be used to encrypt the data?  

Yes.

Quote:>Or
>do I have to configure another server and setup a front
>end back end topology?  

No.

Quote:>If that is too much to answer my goal was to have a secure
>OWA session, do you have another suggestion as how to do
>this (so that users can get their mail from anywhere)?

The use of a cert and SSL should work (assuming that port 443 is
allowed through the firewall).

--
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm

 
 
 

OWA & SSL Not working

Post by Mark » Mon, 18 Nov 2002 23:55:28


Rich,

First let me thank you for taking the time to answer my
questions (Much Appreciated).

So I have the server setup (cert installed, owa running)
however only win98 clients with administrator privliges
can actually get to their mail (again this is a test and I
have tried to login with win2k pro, xp pro, and win98) for
the win2k, winxp the logon prompt never appears (it just
hangs, you do get the prompt about the cert but no logon
box).  Any ideas?

Thanks again

Mark

>-----Original Message-----

>>Ok, So with one server (Exchange, Root server in the
tree,
>>and running IIS)can SSL be used to encrypt the data?  

>Yes.

>>Or
>>do I have to configure another server and setup a front
>>end back end topology?  

>No.

>>If that is too much to answer my goal was to have a
secure
>>OWA session, do you have another suggestion as how to do
>>this (so that users can get their mail from anywhere)?

>The use of a cert and SSL should work (assuming that port
443 is
>allowed through the firewall).

>--
>Rich Matheisen
>MCSE+I, Exchange MVP
>MS Exchange FAQ at

http://www.swinc.com/resource/exch_faq.htm

- Show quoted text -

Quote:>.

 
 
 

1. OWA & SSL won't work

I have an Exchange Server 5.5 SP3 on NT4.0 SP6a server
and have another machine running win2k server SP2 with
OWA.  I'm trying to use the SSL.  I have generated and
installed a certificate, but I get page cannot be
displayed when I try to use https.  Without the
certificate OWA works fine on http.

Thanks in advance.

2. Exchange SDK

3. New SSL certificate installed now OWA Password change does not work

4. Multiple Adress book options

5. OWA - Attachments not working after enabling SSL, sp2

6. Disaster Preparation

7. OWA - to SSL or not to SSL??

8. FreeBusy on Exchange server

9. SSL and IMAP does not work!

10. Possible SP4-Exchange 5.5 SP1 Problem - LDAP/SSL + IMAP + POP3 not working

11. Web Access and SSL Not working