Issues with Security Alert Warning- OWA

  • From: "AdrianB" <adrianb@xxxxxxxxxxxxxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 15 Oct 2004 14:26:13 +1000


Our setup:
1 x Windows 2003 server DC, hosting Certificate Services.  
1 x Exchange 2003 server DC

I have configured a self-signed cert for OWA access. I can access OWA via
HTTPS, however, when I access the page using the server name
(https://<server>/exchange), I receive a Security Alert where the first and
last items are Warnings.  That is:

Warning- The security certificate was issued by a company you have chosen
not to trust...
Ticked- The security certificate date is valid
Warning- The name on the security certifcate is invalid or does not match...

I reference the article on SSL Enabling OWA 2003 using your
own Certificate Authority

The second warning is entirely valid, however, I do not understand why the
RootCA is not accepted as a valid issuing authority (Warning 1) as it is
part of AD. 
I have replicated AD using Sites and Services.

The Common Name for the CA is "RootCA.<domain-name>"
The Common name for the exchange site is "mail.<domain-name>"

Further, and this is not related to the SSL problem, but I am never asked
for my Username/password to access the page.  An example is shown in the document.

Any help would be appreciated.


Other related posts: