Re: SSL and OWA
From: Raven (Raven_at_discussions.microsoft.com)
Date: 01/20/05
- Previous message: MaGuE: "No context menu to create new virtual SMTP Server"
- In reply to: Ken Schaefer: "Re: SSL and OWA"
- Next in thread: Raven: "Re: SSL and OWA"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 20 Jan 2005 05:53:06 -0800
Well I looked in the IIS log file but there was nothing that seemed even to
relate to SSL in there. I did a simulated handshake using SSL diagnostics and
got the following (is there no way to attach files to these messages?)
System time: Thu, 20 Jan 2005 13:42:33 GMT
Connecting to 127.0.0.1:443
Connected
Handshake: 108 bytes sent
Handshake: 1415 bytes received
Handshake: 182 bytes sent
Handshake: 43 bytes received
Handshake succeeded
Verifying server certificate, it might take a while...
Server certificate name: mail.macleandata.co.uk
Server certificate subject: C=GB, S=Midlands, L=Leicestershire, O=Maclean
Data, OU=IT, CN=mail.macleandata.co.uk
Server certificate issuer: C=US, CN=mail.macleandata.co.uk
Server certificate validity: From 1/19/2005 8:52:59 AM To 1/19/2007 8:52:59 AM
HTTPS request:
GET / HTTP/1.0
User-Agent: SSLDiag
Accept:*/*
HTTPS: 72 bytes of encrypted data sent
HTTPS: 301 bytes of encrypted data received
Status:
HTTP/1.1 401 Access Denied
HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.0
Date: Thu, 20 Jan 2005 13:42:33 GMT
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
WWW-Authenticate: Basic realm="127.0.0.1"
Content-Length: 24
Content-Type: text/html
HTTPS: server disconnected
Error: Access is Denied.
Final handshake: 23 bytes sent successfully
- - - - - - - - END - - - - - - - - -
"Ken Schaefer" wrote:
> Using the IIS Logfiles, verify that the requests are going to the correct
> site.
> Also, if you are using IIS6, you should be able to see the HTTP substatus
> code in the logfile entry. Please post that so we can see why you are
> getting an Access Denied.
>
> Lastly, you can use SSLDiag to troubleshoot the SSL issues:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=CABEA1D0-5A10-41BC-83D4-06C814265282&displaylang=en
>
> Cheers
> Ken
>
>
> "Raven" <Raven@discussions.microsoft.com> wrote in message
> news:3BB267E8-A2B7-4169-A680-01A240E6064E@microsoft.com...
> > Ok - managed to get a little bit further. Having added the FQDN to my
> > hosts
> > file I can now access it using the full name. However, I still get the
> > same
> > errors. 403 forbidden without HTTPS and cannot find server or DNS error
> > with
> > HTTPS. Take out the cert and it all works fine, put in the cert and it all
> > stops etc etc etc
> >
> > "Raven" wrote:
> >
> >> I have decided to secure my OWA site using SSL. I have followd the
> >> instructions for installing certificate services, creating a server
> >> certificate and used the external domain name as the common name for the
> >> server.
> >>
> >> Having applied the certificate I can now no longer access OWA internally
> >> (can't check it externally). I used to be able to do this but only by
> >> using
> >> the server name and not the FQDN. I am assuming this is something to do
> >> with
> >> having told the certificate server that the common name is the FQDN.
> >>
> >> Any suggestions as to why I can't access the server. If I use HTTP and
> >> the
> >> internal server name I get Error 403 forbidden. If I use HTTPS I get the
> >> page
> >> you are looking for cannot be displayed.
>
>
>
- Previous message: MaGuE: "No context menu to create new virtual SMTP Server"
- In reply to: Ken Schaefer: "Re: SSL and OWA"
- Next in thread: Raven: "Re: SSL and OWA"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
