|
Question : OWA implementation
|
|
To All, Fishadr,
I followed the procedure listed in this post but i still cannot configured correct secure OWA implementation thru SSL.
http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
The following are the Virtual machine that i have:
Svr2k3.hybridroot.local- Win2k3 as AD,DNS,DHCP/ exchange
svrmember.hybridroot.local- Win2k3 as Member Server/ Exchange (another mailbox/ same organization)
xppro2.hybridroot.local- 2 xp clients
When i installed the Certificate Services Component on svr2k3 server and "CREATE A CERTIFCATE REQUEST" when
I configure the CA to accept the PENDING REQUEST thru http://server/certsrv Im facing these problems:
Access thru:
http://svr2k3/certsrv- IE reports
The page must be viewed over a secure channel
The page you are trying to access is secured with Secure Sockets Layer (SSL).
--------------------------------------------------------------------------------
Please try the following:
Type https:// at the beginning of the address you are attempting to reach and press ENTER.
HTTP Error 403.4 - Forbidden: SSL is required to view this resource.
Internet Information Services (IIS)
Access thru:
https://svr2k3/certsrv
Internet Explorer cannot display the webpage
Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
What you can try:
Check your Internet connection. Try visiting another website to make sure you are connected.
Retype the address.
Go back to the previous page.
More information
PLEASE correct me if im wrong, based on the post link above, the following are the procedure that i
performed- topic by topic:
Configuring the Certificate Authority
-I did this in SVR2k3 server
-Choose Enterprise root CA
-Common name for this XA: rogercommon
- followed all the defaults
Creating the Certificate Request
-I did this is SVR2K3 server also
-I create new certificate
-choose "prepare the request now, but send it later"
-Name for new Certificate> SSL Certificate for OWA
-Organization: Hybridroot Corp/ Organizational Unit: Messaging
Another question: for Organization and Organizational Unit>> are these are USER DEFINED entries or
should be the real and existing Organization name and Organizational Unit (OU)
-Common Name: SVR2K3
-I Choose entries for Country, State, and City
-Certicate filename is: certreq.txt save in Drive C:
Getting the Pending Request accepted by our Certificate Authority
-Now that the Certificate Request is pending, I will configure the CA to accept the pending request
thru this
I did this in SVR2K3 server again
- I open the Internet Explorer
- type in http://svr2k3/certserv
BUT i experience the following Error Pages:
Access thru:
http://svr2k3/certsrv- IE reports
The page must be viewed over a secure channel
The page you are trying to access is secured with Secure Sockets Layer (SSL).
--------------------------------------------------------------------------------
Please try the following:
Type https:// at the beginning of the address you are attempting to reach and press ENTER.
HTTP Error 403.4 - Forbidden: SSL is required to view this resource.
Internet Information Services (IIS)
Access thru:
https://svr2k3/certsrv
Internet Explorer cannot display the webpage
Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
What you can try:
Check your Internet connection. Try visiting another website to make sure you are connected.
Retype the address.
Go back to the previous page.
More information
I ENCOUNTER THE SAME PROBLEM EVEN IF I USE THESE URLs:
http://svr2k3.hybridroot.local/certsrv
https://svr2k3.hybridroot.local/certsrv
Please advise to where i done wrong or miss something on my configurations.
Im eager to learn and understand this feature of exchange messaging.
Appreciate your response. Many thanks.
-charles
|
Answer : OWA implementation
|
|
Can't you just bypass this by selecting send the request to an online certificate authority instead of prepare the request now but send it later. This should work fine!
Raymond
|
|
|
|
|
