RPC over HTTPS not wanting to work

RPC over HTTPS not wanting to work (Full Version)

All Forums >> [Microsoft Exchange 2003] >> Server Security

Message

SnowPunk98 -> RPC over HTTPS not wanting to work (28.Jul.2004 5:59:00 PM)
I created a SSL certificate with Windows 2003 server for OWA and RPC over HTTPS. I can connect to OWA using the SSL by using the address https://mail.domain.com/exchange the certificate was issued to mail.domain.com. I am trying to setup RPC over HTTPS now with Outlook 2003 and have read a few tutorials on how to do this and they all seem pretty straight forward. However when I try and connect I am unable to do so. I don't really know where to start troubleshooting so if anyone could help it would be appreciated.

mark@mvps.org -> RE: RPC over HTTPS not wanting to work (29.Jul.2004 11:14:00 AM)
If you have configured exactly as per the White Paper (for multiple server layout) or the KB (for single server layouts) then the next thing I usually ask is, is the certificate a trusted certificate or one from your own Organisation? If it's untrusted by the PC on the Internet you're using or the certificate name doesn't match the FQDN you're accessing it by then you won't get in. With OWA you'll at least get the popup box with the green ticks and yellow warnings about the cert, but with RPC over HTTPS you will just get a failure.

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (29.Jul.2004 5:09:00 PM)
I created the cert myself with Windows CA so it is untrusted. I issued it to mail.domain.com so when I access OWA I go to https://mail.domain.com/exchange. I am then prompted with the popup saying it isn't trusted. Is there something I need to do on the client with Outlook with this certificate to make everything work?

Henrik Walther -> RE: RPC over HTTPS not wanting to work (29.Jul.2004 11:13:00 PM)
Yes it's very important you install the SSL certificate into the Trusted Root Authentication Authorities store on the client (in IE), otherwise it won't work with a self-issued Certificate.

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (29.Jul.2004 11:39:00 PM)
And to do that I could basically go to OWA and when it prompts me that it isnt trusted I can install it right? Or do I need to do it another way?

Henrik Walther -> RE: RPC over HTTPS not wanting to work (30.Jul.2004 12:04:00 AM)
Yes, and remember to specify the mentioned Store, it won't work when installing into one the others.

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (30.Jul.2004 12:22:00 AM)
I just installed it to the sore that you said. OWA still gives me the warning even after closing IE and opening a new one. If I am still getting the warning with OWA I will still have a problem with RPC right?

Henrik Walther -> RE: RPC over HTTPS not wanting to work (30.Jul.2004 1:01:00 AM)
Yes you will still have problems if it isn't installed. You might want to try installing the Certificate by clicking Tools > Internet options > Content > Certificates > Trusted Root Certification Authorities. You could also have the Cert installed by using the methods in below MS KB: 297681 - Error Message: This Security Certificate Was Issued by a Company that You Have Not Chosen to Trust

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (30.Jul.2004 1:15:00 AM)
It keeps saying it completed sucessfully and imported the cert but it isnt there. I am trying to do this using remote desktop so I will try again when I get home.

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (30.Jul.2004 4:11:00 AM)
Ok I got the cert installed and OWA no longer prompts me with the warning. When I try with the RPC over HTTPS it just keeps asking me for my username and password over and over.

mark@mvps.org -> RE: RPC over HTTPS not wanting to work (30.Jul.2004 2:33:00 PM)
And you're entering the information in the format "domain\userid" ?

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (30.Jul.2004 4:36:00 PM)
Yep I have tried domain\userid, domain.local\username, comain.com\username and they all just keep asking for the password. For the exchange server I normally keep it as machinename.domain.com however I have also tried mail.domain.com nothing works.

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (3.Aug.2004 1:08:00 AM)
It just keeps asking me over and over for my username and password

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (4.Aug.2004 1:08:00 AM)
Finally got it working, had to enable the backend RPC server even though I didnt have one. Once I did that and rebooted I edited the registry for the proxy and then it worked like a charm. The only thing I am wondering is why it keeps asking me for my password, cant it save it?

Henrik Walther -> RE: RPC over HTTPS not wanting to work (4.Aug.2004 11:06:00 AM)
Good to hear you got it sorted out Regarding your question no you can't save the password as you're using SSL.

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (4.Aug.2004 4:56:00 PM)
Well that kinda sucks, it's kinda a pain to always have to put in my password everytime I open Outlook. I would think that even with SSL it should still be able to store my password and just send it the same way.

Henrik Walther -> RE: RPC over HTTPS not wanting to work (4.Aug.2004 5:11:00 PM)
Well you do have an option see below MS KB article for details: 820281 - You Must Provide Windows Account Credentials When You Connect to Exchange Server 2003 With Outlook Over HTTP

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (6.Aug.2004 7:08:00 PM)
I dont know if that will work for me, I log into my local machine as Administrator to a workgroup. Is this KB article saying that it would be using pass through authentication using my local creditals for my RPC?

Henrik Walther -> RE: RPC over HTTPS not wanting to work (7.Aug.2004 11:46:00 AM)
You must be logged on to the domain to get this working.

SnowPunk98 -> RE: RPC over HTTPS not wanting to work (7.Aug.2004 7:36:00 PM)
Ya I am not logged into the domain, if I was I would just connect via Exchange. The domain is just 1 server no computer connect to it. Do you know if its possible to connect to a domain over DSl like with a VPN or something?

Page: [1] 2 next > >>