certificate update blows up Exchange 2007 OWA
Recently our SSL certificates expired so I contacted GoDaddy to renew them. We own a *.com and a *.net, but the *.net was our first site which my predecessor set up to forward to the .com.
Our web server is hosted in a data center facility a few miles from our office. That's where the *.com stuff points. But our mail server sits in our server closet onsite, and there's supposed to be some kind of forwarding for mail.company.com and mail.company.net
to reach our local mail server. i assume that our MX records point to our local office external IP, since I've worked more with the external IP's at the data center for the .com websites.
After resetting our SSL certificates, we can no longer reach Exchange 2007 OWA. Initial requests to mail.company.com and mail.company.net generate an error related to certificates [this connection is untrusted] whereupon I click "I understand the risks and
Add exception." This brings up a screen which shows "This site attempts to identify itself with invalid information. Wrong Site." Confirming the security exception, I am then greeted with 404 File or Directory Not Found.
I have restarted the server, restarted services, reset bindings to certificates, and followed the step-by-step instructions from Godaddy for exporting our SSL certs from the IIS7 site and importing them to our exchange server.
Instructions I found on the web for rebuilding OWA directories describe processes for using IIS6, but we're using IIS7. Also, no directories were changed as part of this certificate installation process.
March 31st, 2011 2:11pm
If you are looking ofr reinstalling IIS for your owa server , this may be helpful
http://exchange.exiis.net/kb_articles/kb5/Pages/HowtoremoveandtoreinstallIISonacomputerthatisrunningExchangeServer.aspx
Free Windows Admin Tool Kit Click here and download it now
March 31st, 2011 2:24pm
Changing the SSL certificate shouldn't have caused these kind of issues. Therefore the first thing I would do is check whether OWA works locally.
On the server itself, browse to https://localhost/exchange and see whether things work correctly or not. You may well get SSL errors, because "localhost" isn't in the certificate, but go past those.
The fact that you are getting SSL errors now is not a good sign as the GoDaddy certificates are trusted and if you used them before, then you wouldn't need to install the additional certificates it requires. When you get the certificate prompts, you should
be able to view the certificate - is it your certificate that is being presented to you?
Simon.Simon Butler, Exchange MVP
Blog |
Exchange Resources | In the UK?
Hire Me.
March 31st, 2011 7:56pm