dan_slank -> OWA FQDN problems (11.Sep.2005 9:08:32 PM)
I'm having a confusing problem with OWA I hope I can get some help with! :)
At work I have recently "inherited" a (somewhat dodgy) Windows 2000 with Exchange and OWA. It is also the PDC and DNS for our internal network. OWA was accessed externally by our employees (via a Squid tranpsarent reverse proxy on the FreeBSD firewall which I installed for us a while ago). It has been chugging along fine until a few days ago when OWA "stopped working".
Now on closer inspection, it appears that using the FQDN in a web browser to access the server (ie http://mail.domain.com/exchange) fails to work, even internally, however on the internal network, it *IS* possible to access OWA using the local server name (ie http://server1/exchange/). I can't even access the webserver with out the "/exchange/" on the end, ie http://mail.domain.com). Using the external IP address, internally (ie the IP address that mail.domain.com resolves to) fails to work too.
The "Internet Information Services" configuration window shows red "Error" signs next to the "public" and "Exchange" items.
On bootup, the Event Log gets messages saying (among other things):
"A fatal error occurred while creating an SSL server credential. "
"Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system. "
I have run "IIS Diagnostics/SSL Diagnostics 1.0" on the server and it fails on the third item (W3SVC/1), saying:
[ W3SVC/1 ]
ServerComment = Default Web Site
ServerAutoStart = True
ServerState = Server Started
SecureBindings = 443
! #SSL port (SecureBindings) set but certificate not installed
And the description suggests the certificate was removed or unassigned.
I have tried to install a new certificate by following Q290625, but once I get to Step 1 of "Submit a Certificate Request"; accessing http://YourWebServerName/certsrv/ I get stuck because it says the URL isn't valid.
So, is this apparent lack of SSL Certificate what is causing the problem? Does it explain why I can't even just access the normal root directory of the webserver; not the OWA part? It seems to me the crux of the problem is that, even internally, using the external domain name/IP fails to work where it once did.
Any help at all on this would be greatly appreciated.