OWA No Longer Accessible from outside my Exchange Server

Status
Not open for further replies.
T

Todd M Foughty



Starting two days ago I am unable to access my OWA site. I run one computer domain, with an exchange server, and a Blackberry Enterprise Server.

The server is a Windows Server 2003 Standard Edition with Exchange 2007.

When I ran the best practice analyizer I got the message of "Certificate Principal mismatch. The principal for SSL certificate does not appear to match the host address".

I have searched and searched. Nothing I try is working. Has anyone seen this before and could assist me in getting OWA up and running?

Thanks in advanced..

Todd
 
L

Lee Derbyshire [MVP]

What happens when you try to use it? Are any error messages displayed? If you think that your SSL cert might be a problem, try unchecking 'Require SSL' on your OWA Virtual Directory, and test if it works using plain http instead of https.
www.owa-pda.com
email a@t leederbyshire d.0.t c.0.m
 
F

Frank.Wang



Hi Todd,

Any updates on your issue?

Please post the OWA error message here as Lee said.

Please check whether all uses cannot access OWA site (both outside and inside).

And please run the cmdlet Get-ExchangeCertificate | fl and post the results here.

Frank Wang





 
T

Todd M Foughty



I unchecked the "Require SSL" and again, when I am on the exchange server I can access OWA, any computer outside cannot.

The results to the Get-ExchangeCertificate is below:

[PS] C:\Documents and Settings\Administrator>Get-ExchangeCertificate | fl
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System
.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {harbor40}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=harbor40, DC=Foughty, DC=Local
NotAfter : 12/15/2012 9:35:48 PM
NotBefore : 12/16/2010 9:35:48 PM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 13F436F400010000000A
Services : IMAP, POP, IIS
Status : Valid
Subject : CN=harbor40
Thumbprint : FB74B309F699750BB664737B6D671D10871347D0

AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System
.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {harbor40}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=harbor40, DC=Foughty, DC=Local
NotAfter : 12/15/2012 9:33:52 PM
NotBefore : 12/16/2010 9:33:52 PM
PublicKeySize : 1024
RootCAType : Registry
SerialNumber : 13F27166000100000009
Services : IMAP, POP
Status : Valid
Subject : CN=harbor40, OU=Exchange, O=Foughty, L=Columbus, S=Ohio, C
=US
Thumbprint : E4F0A213F7B993520D36A161F0C4CD157D127EB7

AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System
.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {harbor40}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=harbor40, DC=Foughty, DC=Local
NotAfter : 12/16/2015 10:24:25 AM
NotBefore : 12/16/2010 10:16:00 AM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 47EA552D764B608841514D9C5ACA09E5
Services : IMAP, POP
Status : Valid
Subject : CN=harbor40, DC=Foughty, DC=Local
Thumbprint : 27BA62237ACA7E037639CB37C1CA82CE2DEDECA5

AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System
.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {harbor40.Foughty.Local}
HasPrivateKey : True
IsSelfSigned : False
Issuer : CN=harbor40, DC=Foughty, DC=Local
NotAfter : 12/9/2011 8:07:01 AM
NotBefore : 12/9/2010 8:07:01 AM
PublicKeySize : 1024
RootCAType : Registry
SerialNumber : 5B01D01C000000000005
Services : UM
Status : Valid
Subject : CN=harbor40.Foughty.Local
Thumbprint : 38741537B22E58249B165ED6CBD1723FD3AFAA45

AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System
.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {harbor40}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=harbor40, DC=Foughty, DC=Local
NotAfter : 3/3/2014 12:58:46 AM
NotBefore : 3/3/2009 12:50:21 AM
PublicKeySize : 2048
RootCAType : Registry
SerialNumber : 2FBBB3E3170BE2934E1259150A306E08
Services : IMAP, POP
Status : Valid
Subject : CN=harbor40, DC=Foughty, DC=Local
Thumbprint : 1F5126EA26A0D6C80972CAB48199553956EA2F65
 
F

Frank.Wang



Hi Todd,

Could you please post the error message when outside users connect to OWA?

From the output, the RootCAType : Registry.

Registry: An internal, private PKI root CA that has been manually installed in the certificate store.
Do you apply the Exchange certificate from internal CA? If you installed the Enterprise CA to deploy certificate, the RootCAType should be Enterprise.

Enterprise An internal, private PKI root CA that has been deployed with Active Directory.

More information:

Certificate Use in Exchange Server 2007

http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx

By the way, suggest you delete some certificates which are not used.

Frank Wang





 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
P OWA Settings->Calendar->Events from Email; Setting changes do not hold Using Outlook 1
G How to have domain client use owa server instead of exchange server while connect to network Using Outlook 1
J OWA vs. Outlook 2016 Bandwidth Exchange Server Administration 1
O Synchronize safe persons Outlook 2016 -> Outlook Web Access (OWA) Using Outlook 30
C OWA External Access - No URL / URL Invalid Exchange Server Administration 2
Diane Poremsky New Office365 Feature: URL Preview in OWA New Slipstick.com Articles 0
J IPAD Outlook OWA App - Help using Exchange 2007 Using Outlook 4
S Cannot disable OWA light Exchange Server Administration 5
J Stuck using OWA Exchange Server Administration 0
T Outlook Calendar Sync MY GOAL: see work calendar on home desktop w/o OWA Using Outlook 2
T Sync OWA? Exchange Server Administration 0
O Multiple simulteniously opened OWA 2010 accounts in one browser work fine ! Using Outlook 3
S Newly added user doesn't show up in GAL but available in OWA, Using Outlook 0
B Customize OWA page to open in a new window when logging in Exchange Server Administration 1
B OWA Calendar Views not available Exchange Server Administration 2
O outlook 2010, owa, exchange Exchange Server Administration 2
B Searching OWA Additional Mailbox - in which Secondary folder is the email? Using Outlook 1
D OWA and Windows 8 Exchange Server Administration 1
Z OWA Mailbox unavailable Exchange Server Administration 2
G Outlook 2013: Getting meeting invites in OWA format Using Outlook 9
R Lost Outlook 2007 message found in OWA Using Outlook 4
D OWA Send invitation AS (not from) Exchange Server Administration 1
E OWA phones home too much? Exchange Server Administration 1
S Cannot open any attachment from OWA Exchange Server Administration 2
T Syncing OWA 2010 to Outlook 2007 Exchange Server Administration 15
R OWA can't delete mail Exchange Server Administration 8
J Outlook and owa access Using Outlook 1
S Track emails in OWA Exchange Server Administration 1
T OWA and post dating Exchange Server Administration 1
S Unable to Sync Phones but OWA connects Exchange Server Administration 1
B [SOLVED] Forced to type Domain/username for OWA 2003 with IE 7 or 8 Exchange Server Administration 3
M Attachments cannot be opened in Outlook, OWA works fine Using Outlook 2
T OWA Folders Using Outlook 0
A Managing GAL via OWA Exchange Server Administration 5
J Mail read in OWA won't appear in Outlook Exchange Server Administration 1
1 mobile OS or apps for sync of all OWA/exchange PIM functions Exchange Server Administration 3
A OWA Certificate Expired Issue Using Outlook 1
C OWA 2010 Nicknames Multiply Using Outlook 3
S Signature size limit for OWA / Exchange 2010 Exchange Server Administration 10
T Military OWA on Outlook Using Outlook 1
T owa Exchange Server Administration 2
M Exchange 2010 OWA Redirect with Authentication Across AD Site Exchange Server Administration 1
J OWA 2010 Sp1 custom themes Exchange Server Administration 2
L User not shown in Adressbook but is shown in Adressbook using OWA Exchange Server Administration 6
K OWA breaks after moving mailbox to exch 2010 Exchange Server Administration 6
J Missing options in OWA Premium 2007 for some users Using Outlook 0
B OWA 2010 FBA Exchange Server Administration 2
S Owa failed to initialize after install of rollup 2 for Exchange 2010 SP1 Exchange Server Administration 9
N OWA: email flags not showing Using Outlook 1
B OWA 2010 without SSL Exchange Server Administration 7
Similar threads








































owa










Top