Issue(s) with outlook web access and Iphone activesync with Exchange 2003

I

iamkion132

n00b
Joined
Feb 27, 2007
Messages
57
Neither one of these are major issues but I have a feeling that they are both linked somehow. I installed a godaddy SSL certificate to replace our old one and this caused somethings to stop working like that had in the past.


Prior to installing the godaddy SSL cert, I could type in the OWA URL and it would automatically redirect me from the [1] http:// address to [2] https:// as well as getting the login prompt. Now I have to manually type in the [3] https:// and if I don't, I get the following message


HTTP Error 403.4 - Forbidden: SSL is required to view this resource. Internet Information Services (IIS)


A secondary issue caused with this is that an employee's iphone activesync stopped working when the SSL certificate was installed and there are errors in event viewer that are as follows


The mailbox server [servername] has its [exchange] virtual directory set to require SSL. Exchange ActiveSync cannot access the server if SSL is set to be required.


I've been doing some reading and because of my limited experience with IIS and exchange, I'd prefer to try simpler/more obvious stuff first. I have a feeling the fixes maybe more basic than I envisioned but I'd like to get some help before trying anything.
 
Dio you have a Godaddy Cert before? If not, did you install the proper internediate certs?
 
Prior to the Godaddy cert, we were using Thawte. I did install the intermediate certs as directed by the Godaddy directions. I was doing some light testing with https://www.testexchangeconnectivity.com as well as the AccessMyLan ActiveSync Tester https://store.accessmylan.com/main/diagnostic-tools and I noticed that when I disabled require SSL on the Exchange sub-directory of the Default website, both tools said that activesync worked. When I re-enabled require SSL on the subdirectory, the tools said activesync failed.
 
An autodiscover misconfiguration might be the reason for the ActiveSync errors, hit "Expand All" and post the results from the https://www.testexchangeconnectivity.com.

Just as an example, here is what the(scrubbed) results look like from my lab's working SSL Exchange server
Code: 
	ExRCA is testing Exchange ActiveSync.
 	Exchange ActiveSync was tested successfully.
 	
	Test Steps
 	
	Attempting the Autodiscover and Exchange ActiveSync test (if requested).
 	Autodiscover was successfully tested for Exchange ActiveSync.
 	
	Test Steps
 	
	Attempting each method of contacting the Autodiscover service.
 	The Autodiscover service was tested successfully.
 	
	Test Steps
 	
	Attempting to test potential Autodiscover URL https://LOLOLOLOLOLOL.net/AutoDiscover/AutoDiscover.xml
 	Testing of this potential Autodiscover URL failed.
 	
	Test Steps
 	
	Attempting to resolve the host name LOLOLOLOLOLOLOLOL.net in DNS.
 	The host name resolved successfully.
 	
	Additional Details
 	IP addresses returned: 274.42.0.0
	Testing TCP port 443 on host LOLOLOLOLOLOLOLOL.net to ensure it's listening and open.
 	The port was opened successfully.
	Testing the SSL certificate to make sure it's valid.
 	The SSL certificate failed one or more certificate validation checks.
 	
	Test Steps
 	
	Validating the certificate name.
 	Certificate name validation failed.
 	 Tell me more about this issue and how to resolve it
 	
	Additional Details
 	Host name LOLOLOLOLOLOLOLOL.net doesn't match any name found on the server certificate CN=mail.LOLOLOLOLOLOLOLOL.net, S=Ontario, C=CA.
	Attempting to test potential Autodiscover URL https://autodiscover.LOLOLOLOLOLOLOLOL.net/AutoDiscover/AutoDiscover.xml
 	Testing of the Autodiscover URL was successful.
 	
	Test Steps
 	
	Attempting to resolve the host name autodiscover.LOLOLOLOLOLOLOLOL.net in DNS.
 	The host name resolved successfully.
 	
	Additional Details
 	IP addresses returned: 274.42.0.0
	Testing TCP port 443 on host autodiscover.LOLOLOLOLOLOLOLOL.net to ensure it's listening and open.
 	The port was opened successfully.
	Testing the SSL certificate to make sure it's valid.
 	The certificate passed all validation requirements.
 	
	Test Steps
 	
	Validating the certificate name.
 	The certificate name was validated successfully.
 	
	Additional Details
 	Host name autodiscover.LOLOLOLOLOLOLOLOL.net was found in the Certificate Subject Alternative Name entry.
	Testing the certificate date to confirm the certificate is valid.
 	Date validation passed. The certificate hasn't expired.
 	
	Additional Details
 	The certificate is valid. NotBefore = 5/9/2011 10:54:34 AM, NotAfter = 5/8/2013 10:54:34 AM
	Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication wasn't detected.
 	
	Additional Details
 	Accept/Require Client Certificates isn't configured.
	Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
 	ExRCA successfully retrieved Autodiscover settings by sending an Autodiscover POST.
 	
	Test Steps
 	
	ExRCA is attempting to retrieve an XML Autodiscover response from URL https://autodiscover.LOLOLOLOLOLOLOLOL.net/AutoDiscover/AutoDiscover.xml for user [email protected].
 	The Autodiscover XML response was successfully retrieved.
 	
	Additional Details
 	Autodiscover Account Settings
XML response:
<?xml version="1.0"?>
<Autodiscover xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/mobilesync/responseschema/2006">
<Culture>en:us</Culture>
<User>
<DisplayName>will smith</DisplayName>
<EMailAddress>[email protected]</EMailAddress>
</User>
<Action>
<Settings>
<Server>
<Type>MobileSync</Type>
<Url>https://mail.LOLOLOLOLOLOLOLOL.net/Microsoft-Server-ActiveSync</Url>
<Name>https://mail.LOLOLOLOLOLOLOLOL.net/Microsoft-Server-ActiveSync</Name>
</Server>
</Settings>
</Action>
</Response>
</Autodiscover>
	Validating Exchange ActiveSync settings.
 	Exchange ActiveSync URL https://mail.LOLOLOLOLOLOLOLOL.net/Microsoft-Server-ActiveSync was validated successfully.
	Attempting to resolve the host name mail.LOLOLOLOLOLOLOLOL.net in DNS.
 	The host name resolved successfully.
 	
	Additional Details
 	IP addresses returned: 274.42.0.0
	Testing TCP port 443 on host mail.LOLOLOLOLOLOLOLOL.net to ensure it's listening and open.
 	The port was opened successfully.
	Testing the SSL certificate to make sure it's valid.
 	The certificate passed all validation requirements.
 	
	Test Steps
 	
	Validating the certificate name.
 	The certificate name was validated successfully.
 	
	Additional Details
 	Host name mail.LOLOLOLOLOLOLOLOL.net was found in the Certificate Subject Common name.
	Testing the certificate date to confirm the certificate is valid.
 	Date validation passed. The certificate hasn't expired.
 	
	Additional Details
 	The certificate is valid. NotBefore = 5/9/2011 10:54:34 AM, NotAfter = 5/8/2013 10:54:34 AM
	Checking the IIS configuration for client certificate authentication.
 	Client certificate authentication wasn't detected.
 	
	Additional Details
 	Accept/Require Client Certificates isn't configured.
	Testing HTTP Authentication Methods for URL https://mail.LOLOLOLOLOLOLOLOL.net/Microsoft-Server-ActiveSync.
 	The HTTP authentication methods are correct.
 	
	Additional Details
 	ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
	An ActiveSync session is being attempted with the server.
 	Testing of an Exchange ActiveSync session completed successfully.
 	
	Test Steps
 	
	Attempting to send the OPTIONS command to the server.
 	The OPTIONS response was successfully received and is valid.
 	
	Additional Details
 	Headers received: Allow: OPTIONS,POST
MS-Server-ActiveSync: 14.1
MS-ASProtocolVersions: 2.0,2.1,2.5,12.0,12.1,14.0,14.1
MS-ASProtocolCommands: Sync,SendMail,SmartForward,SmartReply,GetAttachment,GetHierarchy,CreateCollection,DeleteCollection,MoveCollection,FolderSync,FolderCreate,FolderDelete,FolderUpdate,MoveItems,GetItemEstimate,MeetingResponse,Search,Settings,Ping,ItemOperations,Provision,ResolveRecipients,ValidateCert
Public: OPTIONS,POST
Content-Length: 0
Cache-Control: private
Date: Wed, 06 Jul 2011 02:17:03 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET

	Attempting the FolderSync command on the Exchange ActiveSync session.
 	The FolderSync command completed successfully.
 	
	Additional Details
 	Number of folders: 18
	Attempting the initial sync to the Inbox folder. This initial sync won't return any data.
 	The Sync command completed successfully.
 	
	Additional Details
 	Status: 1
	Attempting to test the GetItemEstimate command for the Inbox folder.
 	ExRCA successfully received the GetItemEstimate response from the server.
 	
	Additional Details
 	Estimate: 16 messages
	Attempting to test synchronization of the Inbox folder.
 	The Sync command completed successfully.
 	
	Additional Details
 	Number of items synchronized: 16
 
You must log in or register to reply here.
Back
Top