Issues with IIS, SSL & OWA on Single Exchange Server
We have one Exchange server running Exchange Server 2003 Enterprise and on that we are serving secure OWA. My problem is this: The person who set the server up didn't document things and I haven't set up a server like this before. That person has since left and I was asked to try adding a root certificate so that we can extend our Exchange communication to mobile devices.

I requested an eval certificate from a root cert vendor and attempted to add it to my OWA (IIS) and unfortunately that has failed miserably. Since attempting to add this new cert I have crashed the OWA site and have been receiving errors like 'Event Src HTTP, ID 15005, Unable to bind to the underlying transport for *:443' & 'Src W3SVC, Event ID 1004, Cannot register the URL prefix https*.443/Exadmin/'.

I've removed a few of the certs on the server as the individual who set this up originally must have tried 5 different certs and many are expired. I have also verified that nothing else is using those ports on those IP addresses using netstat -ano and have also had to manually add the IP & ports to IPListen.

I have been finding a lot of docs on how to implement SSL and OWA but not anything that has discussed running this all on the same server, let alone troubleshooting this setup. I've also hit this http://support.microsoft.com/kb/890015 many times but it has not helped resolve the issue. I've contacted MS support but they informed me it was a policy to not offer support for servers that were running in a virtualized environment.

I feel I've gone around and around in circles and am not sure where I really need to be to get back to square one. At one point I had the site working again minus the images and the SSL. Eventually, besides getting this OWA issue resolved, I would like to be able to extend Exchange to my mobile users. Would anyone be able to give me pointers? Thanks!
October 19th, 2010 3:12pm

If you are not able to resolve the IIS and certificate issue, please try this: http://support.microsoft.com/default.aspx?scid=kb;en-us;320202 . The article asks about removing and installing IIS and Exchange. If your IIS got corrupted and has broken links with Exchange, then you need to do a reinstall of IIS: http://blog.crowe.co.nz/archive/2006/05/30/643.aspx . After reinstalling IIS and with OWA and OMA working, you can configure SSL.
October 19th, 2010 5:45pm

The first thing is that I am not aware of any free certificate solution that is trusted by most mobile devices. You will have to purchase a certificate to do that. If the certificate isn't trusted, then they will not sync. The cheapest source for mobile device trusted certificates is GoDaddy. http://certificatesforexchange.com/

Have you removed the certificate through IIS manager? If not, then I suggest that you do so. That is where the certificate management should be done. There is always a chance that you have corrupted the IIS metabase, which is why you are getting errors.

There are no problems with running OWA and SSL on the same server; there are very few ways of doing it any other way. You will find little specific about Exchange because it is all IIS. Unlike later versions of Exchange, with 2003 SSL is just an IIS function and very little will cause problems with it.

Simon.
Simon Butler, Exchange MVP
October 19th, 2010 7:36pm

Thank you both for taking the time to answer. Due to being heavily dependent upon Exchange and never ending schedules I was unwilling to attempt an IIS and Exchange uninstall/re-install. However, what I did do was build a replica of the domain and Exchange server and was able to compare the settings, registry and configuration and finally get it working.

However, I do have one question that pertains to OWA/IIS authentication. I will do more googling but would like to hear if you are familiar with this and might help me to understand.

I have forced SSL on our OWA web site, and am requiring a root certificate now, but I am concerned about selecting 'Basic authentication' as my authentication method for the Exchange virtual directory.

In doing so I receive this warning:

IIS Manager - "The authentication option you have selected results in passwords being transmitted over the network...warning does not apply to HTTPS (or SSL) connections."

Does this mean that even though I have 'Basic auth' selected that I don't need to be concerned with passwords being sent in clear text because I am forcing SSL? Or do I? (I'm currently working my way through technet in this documentation and this.)
November 4th, 2010 1:30pm

On Thu, 4 Nov 2010 17:25:47 +0000, absolutezero273c wrote:

> Thank you both for taking the time to answer. Due to being heavily dependent upon Exchange and never ending schedules I was unwilling to attempt an IIS and Exchange uninstall/re-install. However, what I did do was build a replica of the domain and exchange server and was able to compare the settings, registry and configuration and finally get it working.
>
> However, I do have one question that pertains to OWA/IIS authentication. I will do more googleing but would like to hear if you are familiar with this and might help me to understand.
>
> I have forced SSL on our OWA web site, and am requiring a root certificate now, but I am concerned about selecting 'Basic authentication' as my authentication method for the Exchange virtual directory.
>
> In doing so I receive this warning:
>
> IIS Manager - "The authentication option you have selected results in passwords being transmitted over the network...warning does not apply to HTTPS (or SSL) connections."
>
> Does this mean that even though I have 'Basic auth' selected that I don't need to be concerned with passwords being sent in clear text because I am forcing SSL? Or do I?

If you use HTTPS the data transferred between the two machines is sent over an encrypted data channel between the two session layers of the protocol stacks. So even though you're sending data in text format it isn't readable until it gets to the session layer at the other machine.

--- Rich Matheisen MCSE+I, Exchange MVP
November 4th, 2010 5:42pm

Hi, Rich. I understand the function of HTTPS/SSL and that the data will be encrypted, but my concern is with the login. Will the login credentials (login ID & password) be sent via an encrypted connection with this type of config? Or are the login credentials submitted in clear text and the encryption doesn't begin until after authentication? Thanks.
November 5th, 2010 8:34am

You have nothing to worry about. The SSL system is well established. The link is established first, then all traffic is sent over that - web pages, authentication etc.

Simon.
Simon Butler, Exchange MVP
November 5th, 2010 3:50pm

On Fri, 5 Nov 2010 12:28:30 +0000, absolutezero273c wrote:

> Hi, Rich. I understand the function of HTTPS/SSL and that the data will be encrypted, but my concern is with the login. Will the login credentials (login ID & password) be sent via an encrypted connection with this type of config?

Yes, they will.

> Or are the login credentials submitted in clear text and the encryption doesn't begin until after authentication?

The entire session is handled with SSL.

--- Rich Matheisen MCSE+I, Exchange MVP
November 5th, 2010 10:05pm
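
A check that follows from the answers above, as an added example that is not part of the original thread: Basic authentication is protected only by the SSL channel, so any authenticated request that IIS logs on a non-SSL port means a password crossed the network readable. The W3C log lines, field selection, addresses and account names are constructed, and the sketch assumes Basic is the only authentication method enabled on the site.

```python
# Added example: audit IIS W3C extended log lines for authenticated requests
# that arrived on a non-SSL port. All log data below is constructed.

SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time s-ip cs-method cs-uri-stem s-port cs-username c-ip sc-status sc-substatus
2010-11-05 12:01:10 192.0.2.10 GET /exchange/ 443 - 198.51.100.7 401 2
2010-11-05 12:01:11 192.0.2.10 GET /exchange/ 443 EXAMPLE\\alice 198.51.100.7 200 0
2010-11-05 12:03:42 192.0.2.10 GET /exchange/ 80 - 198.51.100.9 403 4
2010-11-05 12:07:15 192.0.2.10 GET /exchange/bob/ 80 EXAMPLE\\bob 198.51.100.23 200 0
"""


def parse_w3c(text):
    """Yield one dict per log record, keyed by the active #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # the directive can change mid-file
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):     # skip truncated or damaged lines
                yield dict(zip(fields, values))


def audit(text, ssl_ports=("443",)):
    """Return (exposed, ssl_required_hits) for requests on non-SSL ports.

    exposed: authenticated requests served without SSL (credentials at risk).
    ssl_required_hits: requests refused with 403.4, i.e. "Require SSL" worked.
    """
    exposed, ssl_required_hits = [], 0
    for rec in parse_w3c(text):
        if rec["s-port"] in ssl_ports:
            continue                           # inside the encrypted channel
        if rec["sc-status"] == "403" and rec["sc-substatus"] == "4":
            ssl_required_hits += 1             # IIS rejected the plain-HTTP request
        elif rec["cs-username"] != "-":
            exposed.append((rec["date"], rec["time"],
                            rec["cs-username"], rec["cs-uri-stem"]))
    return exposed, ssl_required_hits


if __name__ == "__main__":
    findings, refused = audit(SAMPLE_LOG)
    print("plain-HTTP requests refused with 403.4:", refused)
    for date, time, user, uri in findings:
        print("credentials sent without SSL:", date, time, user, uri)
```

Any entry in the first list points at a virtual directory where "Require secure channel (SSL)" is not set; accounts that appear there should have their passwords changed.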

Thank you for confirming that, Rich.
November 15th, 2010 11:59am

This topic is archived. No further replies will be accepted.
