Exchange Exchange
A community dedicated to Exchange and related technology.
Forums » General Exchange and PowerShell » Exchange 2007 » OWA cerificate

OWA cerificate

rated by 0 users
This post has 2 Replies | 2 Followers

Top 25 Contributor
Points 50
Reply
arnolddoug665 Posted: 12-10-2007 11:40 AM

 

I am getting a certificate error for OWA. I have 2 certificates one for the internal server for my Outlook clients which works fine now.  The ceritificate for my OWA outside domain still gives me "Theres a problem with this website's security" error message.  Is there a way to add the certificate so that it applies to just the OWA part of Exchange 2007 and not change anything else?  Thanks!!
Top 10 Contributor
Points 3,290
Reply
Joel Stidley replied on 12-11-2007 12:16 AM

What error do you receive on the external certificate? You can only bind a single certificate to a service on a IP, so you would need to put ISA or another CAS box in front.... most people are now using certificates with multiple Subject Alternative Names (SANs) however. This way you need one certificate with all of the names.

 

- Joel

  • | Post Points: 5
Top 10 Contributor
Points 3,290
Reply
Joel Stidley replied on 01-02-2008 7:08 AM

Doug and I spoke on the phone and this is how we got to the bottom of his problem.

To walk through the process

  • Bound the correct certifcate on the default web site was bound to what was chosen, to make it easier he chose to use his email domain name as the site name.
  • Then we verified the settings we made properly using this KB http://technet.microsoft.com/en-us/library/bb201695.aspx
  • Third we ran the Test E-mail AutoConfiguration wizard in Outlook 2007 without the GuessSmart options. This test proved invaluable because it generated several errors that allowed us to eventually track down a DNS problem. (http://technet.microsoft.com/en-us/library/bb397225.aspx)

Some of the common errors for AutoConfiguration:

Error Code Description

0x80072EE7 – ERROR_INTERNET_NAME_NOT_RESOLVED

This error is usually caused by a missing host record for the Autodiscover service in the Domain Naming service.

0X80072F17 – ERROR_INTERNET_SEC_CERT_ERRORS

This error is usually caused by an incorrect certificate configuration on the Exchange 2007 computer that has the Client Access server role installed.

0X80072EFD – ERROR_INTERNET_CANNOT_CONNECT

This error is usually caused by issues that are related to Domain Naming service.

0X800C820A – E_AC_NO_SUPPORTED_SCHEMES

This error is usually caused by incorrect security settings in Outlook 2007.

 

 

- Joel

Page 1 of 1 (3 items) | RSS
© 2003-2008 NamedPipes Consulting. All other company and product names are property of their owners.
Powered by Community Server (Non-Commercial Edition), by Telligent Systems