Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

XCCC: Turning On SSL for Exchange 2000 Server Outlook Web Access


View products that this article applies to.

This article was previously published under Q320291

↑ Back to the top


Summary

You can use Secure Sockets Layer (SSL) to secure communication between clients (Web browsers) and a Microsoft Outlook Web Access (OWA) server. SSL encrypts all of the data that is sent over the network. This data includes logon credentials and mailbox and public folder items. SSL is the preferred, standard method to secure communication over the Internet.

↑ Back to the top


More information

To turn on SSL on the Exchange 2000 virtual roots:
  1. Obtain an SSL certificate. You can purchase a certificate from a number of third-party certification authorities. This is the preferred method because many of these certification authorities are already trusted by the majority of browsers. You can also use Microsoft Certificate Server to install your own certification authorities.
  2. Configure your SSL certificate in Microsoft Internet Information Services (IIS):
    1. Start Internet Services Manager, which loads the Internet Information Server Microsoft Management Console (MMC) snap-in.
    2. In the Internet Information Server MMC snap-in, right-click the Web site that contains the Exchange 2000 virtual roots, and then click Properties.
    3. Click the Directory Security tab.
    4. Under Secure communications, click Server Certificate to start the Web Server Certificate Wizard. You can use the Web Server Certificate Wizard to configure the certificate, based on the information that your certification authority provided.

      NOTE: At this point, users can use OWA over SSL by browsing to the following Web site:
      https://server_name/Exchange
  3. If you want to enforce the use of SSL, you can require secure channel communication on each Exchange 2000 virtual root:
    1. In the Internet Information Server MMC snap-in, click the Exchange 2000 virtual root that you want to secure (for example, click Exchange or Public).
    2. Right-click the virtual root, and then click Properties.
    3. Click the Directory Security tab.
    4. Under Secure communications, click Edit.
    5. Click to select the Require secure channel(SSL) check box.
NOTE: If you want to enforce the use of SSL, complete step 3 for each Exchange 2000 virtual root. By default, the virtual roots include the "Exchange" and "Public" virtual directories. However, the virtual roots may differ depending on your configuration.

NOTE: SSL cannot be required on a back-end server's 'exchange' virtual directory in a front-end/back-end configuration. Only the front-end server can require SSL, and it always proxies the request to the back-end server on port 80.

↑ Back to the top


Keywords: KB320291, kbhowto

↑ Back to the top

Article Info
Article ID : 320291
Revision : 7
Created on : 2/28/2007
Published on : 2/28/2007
Exists online : False
Views : 361