hi there,

This might be slightly off topic, but let me try..

I want to make sure that if someone type the browser URL "mail.contoso.com/owa" that the connection is moved to the https instead of HTTP, in automatic way.

The easiest (?) way is to add a custom error for error code 403.4 which do the redirect to the address https://mail.contoso.com/owa.

The challenge is that I cannot get the 403.4 activated in anyway. When I have the redirect rule for that, I only get the empty page for the browser. Also if I test this on the server itself I get the 403 error.

Does anybody have an idea what might block my custom error to be acti

Hi, 

Check this: https://technet.microsoft.com/en-us/library/aa998359(v=exchg.150).aspx

or this: http://www.mustbegeek.com/configure-url-redirection-in-exchange-2013/

Paul.

Hi Petri,

Thank you for your question.

We could refer to the following steps to meet you requirement:

1.        Start IIS Manager.
2.        Expand the local computer, expand Sites, and then click Default Web Site.
3.        At the bottom of the Default Web Site Home pane, click Features View if this option isn't already selected.
4.        In the IIS section, double-click HTTP Redirect.
5.        Select the Redirect requests to this destination check box.
6.        Type the absolute path of the /owa virtual directory. For example, type https://mail.contoso.com/owa.
7.        Under Redirect Behavior, select the Only redirect requests to content in this directory (not subdirectories) check box.
8.        In the Status code list, click Found (302).
9.        In the Actions pane, click Apply.
10.    Click Default Web Site.
11.    In the Default Web Site Home pane, double-click SSL Settings.
12.    In SSL Settings, clear Require SSL.

Notice:

If you dont clear Require SSL, users wont be redirected when they enter an unsecured URL. Instead, theyll get an access denied error.

For the new settings to take effect, open a Command Prompt window, and then type iisreset /noforce to restart IIS.

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim

Hi Jim,

I actually prefer the 403.4 error as above instructions does not solve the issue where user is typing the url on the browser as: "mail.contoso.com/owa" or "mail/owa". And also I do not like SSL is not required.

So do you have any idea why I'm not able to affect to the 403.4 error under the OWA?

Hi Petri,

If you log on OWA using http instead of Https, we must ignore SSL authentication. Because SSL use encrypt authentication way.

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim

No HTTP, no doubts :)

I would like to keep the setting "SSL required" on the \OWA to make sure that users who are typing on their browser an URL "mail.contoso.com/owa". When SSL is required they normally get the 403.4. error and I would like to make sure that IIS redirect them to "https://mail.contoso.com/owa" instead of giving error about 403.4.

Question is still, do you know what is blocking IIS to use my custom error for the 403.4 errors?

Hi Petri

If you want to use http instead of https, we should uncheck SSL required, it is by design.

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim

Once more, I do not want to use HTTP. I want to keep the SSL required on the OWA virtual director (or application, depends how you like to call it) in the IIS because of the security requirements (HTTP is not allowed for OWA).

I want to get custom error activated for the error 403.4 for the OWA. So that users are automatically redirected to the https://mail.contoso.com/owa if they by accident type "mail.contoso.com/owa".

How I do it?

Hi Petir,

If that, we could refer to the following steps to check if the issue persist:

1. Open IIS management->Default Web Site->HTTP Redirect
2. Then we type https://mail.contoso.com/owa and check "only redirect requests to content in this directory(not subdirectories)",then choose "Found (302)" and click "apply"
3. Navigate Default Web Site->Error Pages->choose "403"
4. Then choose "respond with a 302 redirect" and type https://mail.contoso.com/owa, click "ok"
5. Then, we should restart IIS to check if it worked.

In addition, to make sure OAB work, we should navigate to Default Web Site->OAB->right click "explore", then we could right click "Property" on Web.config, in Security table, add "authenticated users" with "Read" and "Read & execute" permission.

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim