
OWA 2003 SSL question

Author
4 May 2009 10:53 PM
pdx
I've set up OWA 2003 w/SSL in the past but it's been a while and I'm currently
at a company where I need to set it up again and I have a question regarding
which virtual directory I should require SSL on.

The certificate will be applied at the Default Web Site level and my
question is what subdirectories besides /Exchange - if any - need to have SSL
required? Or is the /Exchange directory the only one that requires SSL in
order to secure OWA?

I will be using ActiveSync so I realize that I need to set up the secondary
/Exchange virtual directory as explained in KB817379.

Thx

Author
5 May 2009 12:56 AM
John Oliver, Jr. [MVP]
http://www.msexchange.org/tutorials/MF004.html

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2009
Microsoft Certified Partner


Author
5 May 2009 7:27 PM
pdx
Thanks for the info. In all my searching I never came upon that how-to and
the second half of that how-to explains exactly what I need to know, require
SSL on the /Exchange virtual directory.

A related question - for which I also haven't located an answer (maybe I
need to take Web Browsing 101 again) - to use ActiveSync over SSL do I have
to enable SSL on the \Microsoft-Server-ActiveSync virtual directory (and/or
any other)?

Thanks

Author
6 May 2009 12:53 AM
John Oliver, Jr. [MVP]
If FBA is enabled then follow this,

http://www.amset.info/exchange/mobile-85010014.asp

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2009
Microsoft Certified Partner


Author
7 May 2009 1:04 AM
pdx
Thanks again for the info. When all is said and done what virtual directories
will I need to "Require secure channel (SSL)" on in order to best secure OWA
and EAS? I'm going to require SSL on the Default Web Site...is that
sufficient or do I need to require SSL on certain virtual directories such as
/exchange, /exchweb, /Microsoft-Server-ActiveSync and /oma and/or others? For
instance, my understanding is that EAS first connects to the
microsoft-server-activesync virtual directory so should SSL be required on
that directory? OWA connects to /Exchange so should SSL be required on it? I
haven't been able to locate definitive info as to what virtual directories
should have SSL required.

I realize that only 443 can be allowed at the firewall with 80 blocked and
with the cert on the website then things are secure externally, but I'd also
like to require SSL on the appropriate directories.

The link provided indicates to remove the "Require SSL" setting from
/exchange, /exchweb, /Microsoft-Server-ActiveSync and /oma in order to do the
FBA workaround but it doesn't cover putting the "Require SSL" settings back
on any particular vdirs.

Thanks

Author
8 May 2009 1:00 AM
John Oliver, Jr. [MVP]
I believe requiring on the Default Website will suffice. I do not have an
Exchange 2003 Server currently to actually verify but I do recall just
ticking the "require ssl...." just under the Default Website only.

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2009
Microsoft Certified Partner
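
One way to check the outcome discussed in this thread from the server's own logs (an added example, not part of the original posts): the Python below reads an IIS W3C extended log and lists requests to the four virtual directories named above that arrived on a non-TLS port and were not refused with 403.4. It assumes the log records the `s-port`, `sc-status` and `sc-substatus` fields and that HTTPS is on port 443; the log lines and addresses are constructed sample data.

```python
# Added example: find plain-HTTP requests to the Exchange vdirs that IIS did
# not refuse. SAMPLE_LOG is constructed data, not taken from a real server.
VDIRS = ("/exchange", "/exchweb", "/microsoft-server-activesync", "/oma")
REQUIRED = {"cs-uri-stem", "s-port", "sc-status", "sc-substatus"}

SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time s-ip cs-method cs-uri-stem s-port c-ip sc-status sc-substatus
2009-05-07 01:10:02 192.0.2.10 GET /exchange/ 80 198.51.100.7 403 4
2009-05-07 01:10:09 192.0.2.10 GET /exchange/ 443 198.51.100.7 200 0
2009-05-07 01:11:30 192.0.2.10 OPTIONS /Microsoft-Server-ActiveSync 80 198.51.100.9 401 2
2009-05-07 01:12:41 192.0.2.10 GET /oma/ 80 198.51.100.9 200 0
2009-05-07 01:13:00 192.0.2.10 GET /iisstart.htm 80 198.51.100.9 200 0
2009-05-07 01:14:00 192.0.2.10 GET /exchweb/bin/auth/owalogon.asp 443 198.51.100.7 200 0
"""


def parse_w3c(text):
    """Yield one dict per request, keyed by the latest #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            values = line.split()
            if fields and len(values) == len(fields):
                yield dict(zip(fields, values))


def served_without_ssl(text, vdirs=VDIRS, tls_port="443"):
    """Return (uri, port, status) for in-scope requests on a non-TLS port
    that were answered with anything other than 403.4 (SSL required)."""
    findings = []
    for req in parse_w3c(text):
        if not REQUIRED.issubset(req):
            continue  # log lacks a field needed to judge this request
        stem = req["cs-uri-stem"].lower()
        in_scope = any(stem == v or stem.startswith(v + "/") for v in vdirs)
        refused = (req["sc-status"], req["sc-substatus"]) == ("403", "4")
        if in_scope and req["s-port"] != tls_port and not refused:
            status = req["sc-status"] + "." + req["sc-substatus"]
            findings.append((req["cs-uri-stem"], req["s-port"], status))
    return findings


if __name__ == "__main__":
    for uri, port, status in served_without_ssl(SAMPLE_LOG):
        print(f"port {port} served {uri} with {status}")
```

A virtual directory that has had "Require SSL" removed, as the FBA workaround linked in the thread calls for, will show up in this list whenever it is reached on port 80, so review each hit against its client address before treating it as a gap.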

