none
2013 OWA stalls with new certificate

    Question

  • Hi all,

    I had OWA working fine, but was having some problems with Outlook Anywhere. After fooling around with a self-signed cert and some other stuff for a while I took a friend's advice and installed a GoDaddy cert on my Exchange server. The new cert didn't help the Outlook Anywhere problem, and it killed OWA as well. I backed out the change and now everything is as it was.

    Can anyone point me to a good reference for exactly how the IIS stuff is supposed to be set up for a simple Exchange implementation? Even better would be a script that would reset everything back to square one.

    The symptoms without the new certificate are that OWA works fine both from our LAN and via connections through our firewall from the outside. I can also connect OK to Outlook anywhere from my home. It's only local Outlook clients on the LAN that keep getting a message "The Exchange server is not available etc. etc."

    George


    George Merriman gwm@gsi-bkln.com Gravesend Systems Inc. Brooklyn NY USA

    Friday, August 16, 2013 9:29 PM

Answers

  • Are you using Exchange 2013? If yes, then there should be no difference between internal and external clients. They are all using Outlook Anywhere to connect. However, name resolution is probably not the same. Do you have certificate with proper SANs implemented on CAS? Did you try to run Remote Exchange Connectivity Analyzer tests? That should provide you with more info.

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Damir

    • Proposed as answer by damirdMVP Sunday, August 18, 2013 8:58 PM
    • Marked as answer by George Meriman Monday, August 19, 2013 12:32 AM
    Sunday, August 18, 2013 8:58 PM

All replies

  • Are you using Exchange 2013? If yes, then there should be no difference between internal and external clients. They are all using Outlook Anywhere to connect. However, name resolution is probably not the same. Do you have certificate with proper SANs implemented on CAS? Did you try to run Remote Exchange Connectivity Analyzer tests? That should provide you with more info.

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Damir

    • Proposed as answer by damirdMVP Sunday, August 18, 2013 8:58 PM
    • Marked as answer by George Meriman Monday, August 19, 2013 12:32 AM
    Sunday, August 18, 2013 8:58 PM
  • Hi Damir,

    Thanks for your attention. I have managed to get things working after a lot of fooling around. It seems that the certificate installation process in the EAC was not working very well. When I used it to install the appropriate GoDaddy certificate with all the necessary SANs it left a previously installed cert with only the external name installed as well and this is what the Outlook was seeing when it tried to connect. In the process of fooling around with this I managed to get the bindings for the back end site messed up, which was causing the problem I mentioned here. I also had to go back and mark the new cert for the IIS service. The EAC only hooked it up for IMAP and POP when I finally got it installed.

    Everything is working fine now, but my desire for a comprehensive description of all the IIS plumbing needed for Exchange stands. This stuff may all be obvious to an expert IIS web master but I'm just a general IT guy trying to provide my users with email.

    George


    George Merriman gwm@gsi-bkln.com Gravesend Systems Inc. Brooklyn NY USA

    Monday, August 19, 2013 12:32 AM