none
OWA is down, Exchange is up - OWA over SSL

    Question

  • Hi,
    Environment : Exchange 2003 SP2 on Windows 2003 SP2.

    we're facing a problem with our OWA access.  Previously we set up our OWA using SSL and running perfectly, and we are generating new csr to issue new certficate as the current revoked due to expiry.

    after installing new certificate. the OWA over SSL no longer working-Error: "Internet Explorer cannot display the webpage"
    even we running OWA without SSL also facing the same error.

    This morning suddenly after restarting IISAdmin service, the OWA get working with the new SSL for a few minutes only.
    Exchange is running ok with Outlook client.

    *Notes : we are generating new csr with new key length bit, 2048, previously is 1024.

    thanks.

    Tuesday, November 08, 2011 2:47 AM

Answers

All replies


  • update :

    i cannot browse OWA on the same exchange server thru https://localhost and http://localhost or http://<serverIP>
    current private mailbox is around 30GB and holding 90mailboxes.
    half of them using blackberry OWA service.

    the steps i didn't do yet are 1-restart Exchange IS and 2-reboot server
    i'm afraid reboot/restart service would be last resort. we need the exchange up and running for this 5days since outlook client can access exchange server without problem.

     

    Tuesday, November 08, 2011 5:18 AM
  • I suspect the certificate is corrupt. It is the classic signs.

    SSL certificate and access has nothing to do with Exchange, it is an IIS function. Therefore restarting anything to do with Exchange will be a waste of time. Restart the IIS services would confirm whether things are working correctly. Otherwise go back to your SSL provider and ask them to reissue the certificate.

    As for the Blackberry devices, you would be much better off switching to BES Express. It is free and doesn't require a change in the tariff and would allow the Blackberry devices to be used to their full potential rather than the poor implementation that BIS does with screen scraping.

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.
    Tuesday, November 08, 2011 12:43 PM
  • If restarting the IIS svc fails, turn on the logging if not already set for IIS, and see what the logs are suggesting.
    Sukh
    Tuesday, November 08, 2011 9:02 PM
  • @Sembee Hi, I've tried to access OWA without SSL functionality but still the same error. what's the problem would be? restart IIS Admin service also the same.
    Anyway, thanks for the blackberry advise. just for confirmation, is it BIS subscriber still got benefits from BES express server?

    @Sukh828 Hi, restarting IIS service is success. I already turn on the logging for IIS, but seems no one can access to OWA.

    Update:
    may i know whether this article is valid for my case?
    http://support.microsoft.com/kb/883380 - How to reset the default virtual directories that are required to provide Outlook Web Access, Exchange ActiveSync, and Outlook Mobile Access services in Exchange Server 2003

    Wednesday, November 09, 2011 3:10 AM
  • @Suks828 at httperr log

    2011-11-09 03:34:17 - - - - - - - - - 5_Connections_Refused -
    2011-11-09 03:39:47 - - - - - - - - - 1_Connections_Refused -

    if the kb 883380 is one of the steps to troubleshoot, then i can see the MSExchange IS service need to be restart. (we try to avoid this)

    • Edited by raydha Wednesday, November 09, 2011 3:52 AM delete unnecessary reply
    Wednesday, November 09, 2011 3:47 AM
  • If you have to go down that route to recreate your directory then you will have to if you want the service to be up.
    Sukh
    Wednesday, November 09, 2011 10:50 AM
  • Anyway, thanks for the blackberry advise. just for confirmation, is it BIS subscriber still got benefits from BES express server?

     

    A Blackberry user with a BIS subscription gets full functionality of being on the BES Express, except over the air activation. That means you either have to download the activation tool from APp World or do a cable activation.

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.
    Thursday, November 10, 2011 9:40 PM