OWA and SSL

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: John (noSPAM_at_please.net)
Date: 03/18/04 

Date: Thu, 18 Mar 2004 08:49:00 -0500

Hi.
Is there a way (or is it even advisable) to have SSL enabled for just the
login of OWA, then, not use SSL for the rest of the session? Main reason -
to speed it up basically.
Or is it advisable to keep SSL throughout the session?
The difference with and without SSL is huge in speed. At least what I've
seen.

Any advice would be great.
Thanks in advance.

Relevant Pages

  • Re: Advice on when to use SSL? esp. Session ID security
    ... round trip (I believe this is what IIS does for its own session identifier). ... Obviously I'll be using it on the login page, ... > think about retaining SSL for the duration of the user's session? ... > user logs on and returns to a standard HTTP connection. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: OWA 2003 Access Denied
    ... My login (domain admin) can access OWA no problem over ssl. ... "HTTP 500 - Internal server error" when attempting to login. ...
    (microsoft.public.exchange.connectivity)
  • session security
    ... Currently all of my php pages use SSL, not just my initial login. ... A leaked session id enables the third party to access all resources which are associated with a specific id. ...
    (comp.lang.php)
  • SSL and IPS (was RE: ssh and ids)
    ... How many simultaneous SSL sessions can be tracked?" ... I assume you're talking about a case in which the client constantly ... If you walk the possible session id space and ... The server chooses the session ID, ...
    (Focus-IDS)
  • Re: OWA 401 Errors
    ... Thanks James. ... Weird thing is that, when I'm on the road, I can use OWA fine. ... Are you doing SSL redirection? ... they never even get to the login part... ...
    (microsoft.public.exchange.admin)