Re: RPC over HTTP with Basic Authentication and no SSL

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

My GoDaddy Turbo SSL certificate cost me $16.99 per year when I bought a
10-yr cert. Exchange 2003 will even work with a free self-signed cert for
OMA, OWA, and RPC over HTTPS. A public cert is not required, but it sure is
more convenient.

The original post way back in 2006 (a good reason to start one's own post!)
claimed that "...locks the checkbox for SSL as checked, which
means it wont work, because the server doesnt support https." That server
must not have been Exchange 2003, or it was set up wrong, as Exchange 2003
most certainly does support SSL for OMA, OWA, and RPC over HTTPS. If his OWA
"is only available using http anyways..." then the server is set up wrong.
The ONLY port that a properly-configured Exchange 2003 server needs for RPC
over HTTPS is port 443. I **never** open port 80 to an Exchange server.

Just my two cents!

Gregg


"neo [mvp outlook]" <neo@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:e5ZzxequJHA.4980@xxxxxxxxxxxxxxxxxxxxxxx
Try XRamp
https://www.securetrust.com/sslcertificates/premium/

At the bottom a 3 year certificate is $225.

"Tish" <Tish@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7C1FAC41-D009-4457-93AF-B46EC4B09609@xxxxxxxxxxxxxxxx

I have the same problem and you are correct that the 'folks who run
exchange
back at my server' aren't enthusiastic about downgrading security. (By
the
way, I'm also the person who runs exchange on our server so it's myself
I'm
protesting to.) Getting a certificate seems an expensive business unless
you
know of someplace we could get one for a low cost. We use our server for
a
non profit foundation and budgets are very lean. Where do we even go to
get
a certificate? Thanks. Appreciate all the good advice that comes from
both
the person identifying an issue and the people answering in the
Community.
Just reading through the items looking for one that suits my problem is
educational.

"neo [mvp outlook]" wrote:

Yes, the folks at your company that run Exchange. I doubt they would do
it
since Microsoft does not recommend this type of configuration for an
internet facing system.

Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to
OWA
to retrieve data, but it isn't. The two solutions are very different
with
different needs.

"erezy" <erezy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CEC7DA55-4A55-4F2C-BC87-678AE6627C54@xxxxxxxxxxxxxxxx
"he folks that run Exchange downgrade the security" -
does this mean the ppl at my company?
that would mean its possible, the question is how.

my logic says that if our OWA is only available using http anyways,
why
wouldnt the RPC over HTTP accpet that?
what is the difference?

"neo [mvp outlook]" wrote:

You will not be able to connect unless the folks that run Exchange
downgrade
the security or get a SSL certificate installed on the
website/server.
Just
so you know why I'm saying this is that Microsoft designed Outlook
2003/7
and Exchange 2003/7 to be more secure out of the box, and ensuring
that
traffic goes across via SSL falls under that default design when it
comes
to
RPC over HTTPS.

"erezy" <erezy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6370D2AF-2CB8-443B-85A9-4B07534B02E6@xxxxxxxxxxxxxxxx
hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM
but
i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as
checked,
which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least
i am
assuming its that since i checked both checkboxes saying on slow
and
fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the
VPN,
but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez









.

Relevant Pages

  • RE: SBS2003 R2 Exchange issue
    ... Although SBS can import Certificate by running the CEICW wizard, ... Click to clear the Require secure channel (SSL) check box. ... Restart Exchange System Manager. ... On the SBS 2003 Server open the Server Management console. ...
    (microsoft.public.windows.server.sbs)
  • Re: Outlook 2003 - RPC over HTTP
    ... have you applied SP1 for Exchange 2003? ... configure the RPC Proxy server to use the specified default ports for RPC ... >> I need a SSL certificate and we plan to use our own CA to issue the ... >> certificates and therefore, I have installed certificate services on the ...
    (microsoft.public.outlook.general)
  • Re: RPC over HTTP with Basic Authentication and no SSL
    ... At the bottom a 3 year certificate is $225. ... I'm also the person who runs exchange on our server so it's myself I'm ... > wouldnt the RPC over HTTP accpet that? ...
    (microsoft.public.outlook.installation)
  • RE: ActiveSync Permissions Error
    ... it needs to talk to the exchange client via non-ssl for some functions. ... ssl is running - This aparently breaks some functionality of active-sync. ... I hope my reading sheds some light on your subject. ... > purchased a certificate from Verisign, installed it on the server, and now i ...
    (microsoft.public.exchange.connectivity)
  • Re: Cant access OWA on New Front-End Server
    ... Did you remove the certificate from the back-end server? ... I double checked IIS SSL settings. ... MVP - Exchange ...
    (microsoft.public.exchange.setup)