OWA and SSL certificate does not install on Client

OWA and SSL certificate does not install on Client

Post by Rich » Wed, 19 Dec 2001 09:31:33



I have set up OWA and SSL and it is working fine, inside my private network.
It actually even works from the Internet, but with one really annoying
problem.  The certificate does not seem to install correctly on the client
PC.  Each time I access the secure OWA site I am challenged with a dialog
that says the certificate was issued by a company you have not chosen to
trust.  I have tried multiple times and in multiple ways to install the
certificate in a trusted zone, and each time I get the response that the
installation was successful.  But each time I access the site I am
challenged to install the certificate.  Note I am using a Win2K enterprise
CA server on my internal network to generate the certificate for my OWA
server.  On the "General" tab of the certificate there is a message  "This
certificate cannot be verified up to a trusted certification authority."  Is
this error because the client cannot contact the issuing server?  If so, is
there any way to get around this without exposing my certificate server to
the Internet?  Any help appreciated.

Thanks,
Rich

 
 
 

OWA and SSL certificate does not install on Client

Post by AI » Thu, 20 Dec 2001 22:50:56


Hello,

Please refer to "Windows 2000 Certification Authority Configuration to
Publish Certificates in Active Directory of Trusted Domain (Q281271)" at
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q281271
and "How to Force SSL Encryption for an Outlook Web Access 2000 Client
(Q279681)" at
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q279681.

Regards,

Intermedia.NET (AI)
Microsoft Certified Solutions Provider
Providing expertise in hosting applications
MS Exchange Hosting: http://www.intermedia.net/exchangehosting
Windows 2000 Web Hosting:  http://www.intermedia.net/webhosting
For a waiver of the set up fee use "IMFREE" code


Quote:> I have set up OWA and SSL and it is working fine, inside my private
network.
> It actually even works from the Internet, but with one really annoying
> problem.  The certificate does not seem to install correctly on the client
> PC.  Each time I access the secure OWA site I am challenged with a dialog
> that says the certificate was issued by a company you have not chosen to
> trust.  I have tried multiple times and in multiple ways to install the
> certificate in a trusted zone, and each time I get the response that the
> installation was successful.  But each time I access the site I am
> challenged to install the certificate.  Note I am using a Win2K enterprise
> CA server on my internal network to generate the certificate for my OWA
> server.  On the "General" tab of the certificate there is a message  "This
> certificate cannot be verified up to a trusted certification authority."
Is
> this error because the client cannot contact the issuing server?  If so,
is
> there any way to get around this without exposing my certificate server to
> the Internet?  Any help appreciated.

> Thanks,
> Rich


 
 
 

OWA and SSL certificate does not install on Client

Post by Mark Rodger » Fri, 21 Dec 2001 06:02:11


Rich, I had the same problem with a certificate I issued to encrypt OWA.
The problem is that your client machine does not trust the CA and the dialog
box on installing the CA to the client is misleading and doesn't actually
install the CA certificate (which you obviously know)

Here's the solution:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q297681


Quote:> I have set up OWA and SSL and it is working fine, inside my private
network.
> It actually even works from the Internet, but with one really annoying
> problem.  The certificate does not seem to install correctly on the client
> PC.  Each time I access the secure OWA site I am challenged with a dialog
> that says the certificate was issued by a company you have not chosen to
> trust.  I have tried multiple times and in multiple ways to install the
> certificate in a trusted zone, and each time I get the response that the
> installation was successful.  But each time I access the site I am
> challenged to install the certificate.  Note I am using a Win2K enterprise
> CA server on my internal network to generate the certificate for my OWA
> server.  On the "General" tab of the certificate there is a message  "This
> certificate cannot be verified up to a trusted certification authority."
Is
> this error because the client cannot contact the issuing server?  If so,
is
> there any way to get around this without exposing my certificate server to
> the Internet?  Any help appreciated.

> Thanks,
> Rich

 
 
 

OWA and SSL certificate does not install on Client

Post by Rich » Fri, 21 Dec 2001 07:15:45


Thanks to both of you that responded!  This looks like it will cover the
problem.  For some reason as much as I searched Technet, I did not come up
with this article.
Much appreciated.


Quote:> I have set up OWA and SSL and it is working fine, inside my private
network.
> It actually even works from the Internet, but with one really annoying
> problem.  The certificate does not seem to install correctly on the client
> PC.  Each time I access the secure OWA site I am challenged with a dialog
> that says the certificate was issued by a company you have not chosen to
> trust.  I have tried multiple times and in multiple ways to install the
> certificate in a trusted zone, and each time I get the response that the
> installation was successful.  But each time I access the site I am
> challenged to install the certificate.  Note I am using a Win2K enterprise
> CA server on my internal network to generate the certificate for my OWA
> server.  On the "General" tab of the certificate there is a message  "This
> certificate cannot be verified up to a trusted certification authority."
Is
> this error because the client cannot contact the issuing server?  If so,
is
> there any way to get around this without exposing my certificate server to
> the Internet?  Any help appreciated.

> Thanks,
> Rich