OWA 2000 SSL Issue
Our single Exchange 2000 Server runs on a Windows 2000 Server box together with ISA Server 2000. Everything is running the latest Service Packs.We have a self signed SSL cert assigned to the default website, and remote users must use https:// to access OWA.I am confident the IIS permissions on exchange / public / exchweb directories etc are correct.When users login, OWA partly loads and the user is prompted "this page contains both secure and non secure items - do you want to display the non secure items?". You have to click yes to proceed. This simply gives a "this page must be viewed over a secure channel" page. In order to get to OWA, the browser has to be refreshed and OWA then loads properly, showing padlock and 128 bit encryption. Why does this happen and how do we stop it? I'm convinced this is an ISA 2000 issue, but have correctly configured ISA 2000 by creating an SSL publishing rule.Any suggestions?
January 28th, 2010 12:29pm
I'm convinced this is an ISA 2000 issue, but have correctly configured ISA 2000 by creating an SSL publishing rule.Any suggestions?
Hi Martyn,I suggest you bypass ISA and test the issue again. If it is working and can be confirmed as an ISA issue, I suggest you write the post in ISA forum:http://social.technet.microsoft.com/Forums/en-US/ForefrontedgeIA/threadsThanks,Elvis
Free Windows Admin Tool Kit Click here and download it now
January 29th, 2010 10:24am
Hi Martyn,Any update on the issue? If so, please let me know. Thanks,Elvis
February 3rd, 2010 5:21am
Hello ElvisI have disabled ISA and even without it, the problem remains. I have fiddled with IIS security settings to no avail. I think my original idea of it being an ISA issue is out of the window. This seems an IIS issue.ThanksMartyn
Free Windows Admin Tool Kit Click here and download it now
February 4th, 2010 1:13am
Hi Martyn When open the website that contains not secure links or files , it will pop up that windows. The root cause of this error is poor website design. You need to troubleshooting the designing codes. All the links require content to be covered by the ssl to be secured. It could be a picture image, or a file that you are linking to thats not sucure. For example, Your website contain a link like this <img src="http://www.example.com/imagefile.igp"> You need to change it to: <img src="https://www.example.com/imagefile.igp"> But if you are a user, how to get rid of the popup in your computer browser follow there steps: Step 1: Go to Tools>Internet options Step 2: Select the "Security" Tab and then click on the "Custom Level" button Step 3: Scroll down until you see the option :"Display mixed content". Change the option from "Prompt" to "Enable".\ Step 4: Click ok and save this. To prove the website issues, you can try these steps .
February 5th, 2010 4:16am
Hi Martyn,
Regarding the error message, please check the following KB article for more information:
'This Page Contains Both Secure and Non-Secure Items' Error Message.
http://support.microsoft.com/kb/184960
The issue can happen if you have ever redesigned your OWA. If a mail with an embedded image which was configured using http, but not https(just like Fei mentioned above), the issue can also occurs.
Please let us know whether the issue happen in all users or just specific user? I also suggest you change another PC to test the issue.
Nevertheless, if you think this is an IIS issue, you could write a post in our IIS forum to see if someone can help:
http://forums.iis.net/
Thanks,
Elvis
Free Windows Admin Tool Kit Click here and download it now
February 5th, 2010 5:37am
HelloThe IE zone adjustment removes the secure / non secure prompt but the second part of the issue remains. This simply gives a "this page must be viewed over a secure channel" page. In order to get to OWA, the browser has to be refreshed and OWA then loads properly, showing padlock and 128 bit encryption. This is despite initially entering https://xxxxOur OWA installation is default. I know SP3 changes some of the graphics in the dafult installation but other than SP3, we have made no personal tweaks. This server has been rebuilt a few times. Regardless... same issue. It has never worked.Requirement for SSL 128 bit is applied to the Exchange directory only under IIS.Martyn
February 5th, 2010 5:20pm