Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Removing an existing Certificate from IIS 1

Status
Not open for further replies.
pct3ch

pct3ch

MIS
Feb 3, 2003
68
US
Hi all,

I created a CA certificate internally from my domain controller which is also running Exchange 2003. I was looking to use Outlook Web Access and use the certificate for HTTPS access. I didn't create the certificate correctly and now I cant access the OWA page internally, I'm required to use HTTPS but nothing comes up. If I remove the certificate from the website, will there be any issues or problems?

Thanks
 
Sort by date Sort by votes
You wont be able to use SSL and OWA will not function. When you create a certificate you need to make sure you are using the correct fqdn of the exchange server. If your exchange server's fqdn is say corpexch1.mycorp.net then thats what you have to use, you cant use mail.mycorp.net because it will not work. The certificate looks at the true fqdn on the server and if its incorrect it kicks back an error saying the certificate is incorrect.

Also, you may want to look into using a 3rd party certificate as you wont have any errors come up when your users go to access OWA. Using internal CAs created and issued by your domain controller will give your users an error message and thats because the certificate its issuing isnt installed in their browsers. Almost all 3rd party CAs like GoDaddy, Verisign, GeoTrust, Thawte, and others are already installed in the web browsers and they are also on most mobile devices so there wont be any issues if you want to use activesync. GoDaddy has cheap SSL certificates that will work with OWA.

Wm. Reynolds
RRWDS | TxPSS


- - - - - - - - - - - - -
Network Error:
Hit any user to continue
 
Upvote 0 Downvote
Thanks a lot for your input WM. Raynolds. I did exactly as you mentioned and used mail.mycorp.net as the cert name. I think I will use a 3rd party as you suggested. I'll have to replace the current certificate with a 3rd party one correct? Is it possible to remove the current one and have OWA internally?
 
Upvote 0 Downvote
Yes, you can use OWA without an SSL certificate, but you cant use forms based authentication because it requires SSL. You will have to go back to the pop-up login box, and nothing will be secure.

Wm. Reynolds
RRWDS | TxPSS


- - - - - - - - - - - - -
Network Error:
Hit any user to continue
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
1K
gbaughma
gbaughma
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
760
DrB0b
DrB0b
goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
1K
goombawaho
goombawaho
jamescpp
  • Locked
  • Question
Adding an attribute to ADLDS
Replies
1
Views
335
jamescpp
jamescpp
maybeimaleo
  • Locked
  • Question
Can SMTP Be Migrated From 2008 R2 to 2019?
Replies
1
Views
338
maybeimaleo
maybeimaleo

Part and Inventory Search

Sponsor

Back
Top