Re: Problems setting up SSL on Exchange 2003 Front End server

What you saw was a self-signed cert issued by SSLDiag. This allowed you to
quickly isolate the problem to the certificate itself and once that was
changed by SSLDiag SSL worked.

You can delete the old certificate and revoke it from your CA. Then submit a
new cert req.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
blog: www.suneja.com/blog
-----------------------------------------


"Curtis Fray" <xxx@xxxxxxx> wrote in message
news:%23ndR%23akWGHA.1352@xxxxxxxxxxxxxxxxxxxxxxx
One other question, I've noticed the certificate its picked up has been
issued by the Exchange FE server itself. It doesn't seem to have picked
one up from the actual CA in the forest root. And the one had has issued
itself is only valid for seven days.

Do you have any ideas how can get a certificate from the CA server itself?
Or move the self-generated one to the CA?

Thanks,

Curtis.

--
"Curtis Fray" <xxx@xxxxxxx> wrote in message
news:OfQfbYkWGHA.2080@xxxxxxxxxxxxxxxxxxxxxxx
Hi Bharat,

Thanks for the quick reply. That's managed to fix my problem. It flagged
up an error about the certificate. I just right clicked the error and
selected "Create New Cert" and it sorted itself out. Not sure exactly
what was wrong but it's all ok now.

Thanks again!!

Curtis.

--
"Bharat Suneja [MVP]" <bharatsuneja@xxxxxxxxxxx> wrote in message
news:OgzlIIkWGHA.5012@xxxxxxxxxxxxxxxxxxxxxxx
Run SSLDiag
http://www.microsoft.com/downloads/details.aspx?FamilyID=cabea1d0-5a10-41bc-83d4-06c814265282&displaylang=en


--
Bharat Suneja
MVP - Exchange
www.zenprise.com
blog: www.suneja.com/blog
-----------------------------------------


"Curtis Fray" <xxx@xxxxxxx> wrote in message
news:u%23YSx0jWGHA.3492@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

I've had a 2-node 2003 cluster running for a while now. I'm just in the
process of setting up a FE server for this. I've installed it and got
it running, and all looks ok, but now I've come to setting up SSL I'm
running into problems.

I have installed a an Enterprise Root CA on a server in the forest
root. The Exchange servers are all running in the sub-domain of this.
I've followed the instructions found on this website:
http://tinyurl.com/4xa74

All seems to go well up until step 14 of the section called "Creating
the Certificate Request". I get the "Certificate Request Submission" as
it says I should, and on clicking Next I get a screen informing me I've
successfully completed the wizard and the certificate is now installed
on this server. However, if I then Edit the Secure Communications I
found it hadn't automatically ticked the SSL and Require 128-bit
encryption boxes. If I tick those manually and try and access the OWA
site by going to the http:// address I do get a message saying it's
secured by SSL. But if I try and go to the https:// address I simply
get a page cannot be displayed error. Incidently, if I remove the
Require SSL option I can access OWA over http.

I've also noticed under the Directory Security tab where I set this up,
the "View Certificate" box is greyed out. Does this mean the
certificate itself hasn't been installed correctly?

Thanks in advance,

Curtis.
--
Please reply to news group only. Thank you.









.

Relevant Pages

  • RE: SSL MITM not on port 443
    ... Have you ever done what you're trying to do on a "normal" SSL web ... My recommendation would be to set up a web server in your lab ... hopes that the client will accept that certificate. ... SSL MITM not on port 443 ...
    (Pen-Test)
  • Re: OWA 2003 w/ Smart Card Authentication.
    ... Exchange 2003 server via ActivSync. ... the IIS certificate. ... Whether or not authentication will succeed is completely dictated by ... Server's SSL certificate must be configured on root of v-server via ...
    (microsoft.public.exchange.connectivity)
  • Re: Web Certificate for IIS Server on SBS Domain
    ... Before your reply, I actually ran across rapidssl myself, and have ordered and installed the free 30-day certificate on my site. ... I explained what you'd told me about putting my existing configuration at risk by installing Cert Services, and he said he didn't know that. ... Again, if you're just needing a cert to install on your web server to provide SSL connectivity for remote users, go with an external third-party provider. ... When you add Certificate Services on an internal network, lots of internal communications will start using pieces provided by the Cert Server instead of the defaults from Server 2003, and when things blow up, they can blow up gloriously. ...
    (microsoft.public.windows.server.sbs)
  • Re: Publish SSL Web Server behind SBS2003
    ... > How to configure a certificate for use with a Web publishing rule in ISA ... > Server 2004 ... > RWW/OWA for SSL encryption. ... Right click the SSL Web Site and click Properties. ...
    (microsoft.public.windows.server.sbs)
  • Re: "Could not connect to server" error when accessing Outlook 200
    ... Perhaps when you connect via RDP, you have to use SSL. ... The server you are connected to is using a security certificate ... A certificate chain processed, but terminated in a root certificate which is ... Settings on the Advanced tab. ...
    (microsoft.public.outlook.installation)
Loading