OWA 2007 not accessable from the Internet

[Dos_Box]

My new Exchange 2007 has a strange problem. Our OWA has always been accessed via a reverse proxy at https://webmail.mydomain.ac.uk/exchange and there was never a problem accessing it.

Now they have change the IP to point at my new server on https://webmail.mydomain.ac.uk/owa it picks up the certificate error but once you click on the 'continue to this website' link it just times out (eventually).

Is there something on Server 2008 IIS or Exchange management I need to look at?

[Dos_Box]

Found the problem. When Exchange set itself up it creates it's own SSL certificate. But it did not create one with the servers FQDN name on, only its NETBIOS name.

I've just got to create another self signed SSL certificate with the correct info on and Roberts your dads brother.

[Dos_Box]

But I'm dammed if I can get it to work. Anyone here have a link to guide to creating a working SSL certificate for Exchange 2007. And (dummy that I am I deleted the original one). Not to worry though as I think we are going to buy a full cert tomorrow.

[john]

Could you not get a free one from that SSL Place thats recommended on here, was it something like comodo or something like that

[Dos_Box]

Right, after some reading up (and a call to Comodo this morning) I shall impart some valuble information to you.

Exchange 2007 is different to 2003/2000 when it comes to SSL certificates. To use 2007s features externally you need a special certificate (called the Unified Communication Certificate or UCC) which contains 'alternative' credentials. To generate a request for these you need to use the Exchange management shell with the 'New-ExchangeCertificate' command (here is their support site article: https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1143)

Unfortunately I can't get it to generate a request file and I get no error comeback. Has anyone here gone through this process and if so can you give me the full syntax for my server request?

 

Servername - ictc3.mydomain.ac.uk

[Dos_Box]

Ah, got it. I don't know why it didn't work the first time!

[joe90bass]

After migrating to 2007 from 2003 I spent ages trying to get our OWA address to stay as https://www.school.blah.di.blah/exchange not https://blah..../owa I gave up and went with /owa and let staff know the new address from home.

 

I also had fun with the certificates, and in the end bought one from instantssl (Comodo) I didn't get the UCC oe though, what features of Exchange are you using? The bog standard instantssl one works fine with OWA

[Dos_Box]

After migrating to 2007 from 2003 I spent ages trying to get our OWA address to stay as https://www.school.blah.di.blah/exchange not https://blah..../owa I gave up and went with /owa and let staff know the new address from home.

 

I also had fun with the certificates, and in the end bought one from instantssl (Comodo) I didn't get the UCC oe though, what features of Exchange are you using? The bog standard instantssl one works fine with OWA

 

 

We will be pushing email and using active sync online. You need the signed version for this. I was told (by Comodo) that the standard SSl cert would not work, and indeed it didn't for me.