Question : OWA implementation

To All, Fishadr,

I followed the procedure listed in this post but i still cannot configured correct secure OWA implementation thru SSL.
http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html

The following are the Virtual machine that i have:
Svr2k3.hybridroot.local- Win2k3 as AD,DNS,DHCP/ exchange
svrmember.hybridroot.local- Win2k3 as Member Server/ Exchange (another mailbox/ same organization)
xppro2.hybridroot.local- 2 xp clients

When i installed the Certificate Services Component on svr2k3 server and "CREATE A CERTIFCATE REQUEST" when
I configure the CA to accept the PENDING REQUEST thru http://server/certsrv Im facing these problems:

Access thru:
http://svr2k3/certsrv- IE reports

The page must be viewed over a secure channel
The page you are trying to access is secured with Secure Sockets Layer (SSL).
--------------------------------------------------------------------------------

Please try the following:

Type https:// at the beginning of the address you are attempting to reach and press ENTER.
HTTP Error 403.4 - Forbidden: SSL is required to view this resource.
Internet Information Services (IIS)


Access thru:
https://svr2k3/certsrv

  Internet Explorer cannot display the webpage
   
   Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
 
   What you can try:
     Check your Internet connection. Try visiting another website to make sure you are connected.  
 
     Retype the address.  
 
     Go back to the previous page.
 
     More information
 


PLEASE correct me if im wrong, based on the post link above, the following are the procedure that i
performed- topic by topic:

Configuring the Certificate Authority
     -I did this in SVR2k3 server
           -Choose Enterprise root CA
           -Common name for this XA: rogercommon
           - followed all the defaults

Creating the Certificate Request
   -I did this is SVR2K3 server also
   -I create new certificate
   -choose "prepare the request now, but send it later"
   -Name for new Certificate> SSL Certificate for OWA
   -Organization: Hybridroot Corp/ Organizational Unit: Messaging
         Another question: for Organization and Organizational Unit>> are these are USER DEFINED entries or
         should be the real and existing Organization name and Organizational Unit (OU)
   -Common Name: SVR2K3
   -I Choose entries for Country, State, and City
   -Certicate filename is: certreq.txt save in Drive C:


Getting the Pending Request accepted by our Certificate Authority
-Now that the Certificate Request is pending, I will configure the CA to accept the pending request

thru this
I did this in SVR2K3 server again
- I open the Internet Explorer
- type in http://svr2k3/certserv

BUT i experience the following Error Pages:

Access thru:
http://svr2k3/certsrv- IE reports

The page must be viewed over a secure channel
The page you are trying to access is secured with Secure Sockets Layer (SSL).
--------------------------------------------------------------------------------

Please try the following:

Type https:// at the beginning of the address you are attempting to reach and press ENTER.
HTTP Error 403.4 - Forbidden: SSL is required to view this resource.
Internet Information Services (IIS)


Access thru:
https://svr2k3/certsrv

  Internet Explorer cannot display the webpage
   
   Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
 
   What you can try:
     Check your Internet connection. Try visiting another website to make sure you are connected.  
 
     Retype the address.  
 
     Go back to the previous page.
 
     More information



I ENCOUNTER THE SAME PROBLEM EVEN IF I USE THESE URLs:

http://svr2k3.hybridroot.local/certsrv
https://svr2k3.hybridroot.local/certsrv


Please advise to where i done wrong or miss something on my configurations.
Im eager to learn and understand this feature of exchange messaging.

Appreciate your response. Many thanks.

-charles

Answer : OWA implementation

Can't you just bypass this by selecting send the request to an online certificate authority instead of prepare the request now but send it later. This should work fine!

Raymond