How To

How to Install Certificates on Outlook Web Access

  • Open Internet Services Manager from your Administrative Tools.
  • Open the Properties for the Web Site that is hosting OWA (normally the Default Web Site).
  • Select the "Directory Security" tab and click "Server Certificates".
  • You will now be presented with the "Pending Certificate Request" dialog box (below), select "Process the pending request and install the certificate", click Next.

    IIS Certificate Wizard
  • The "Process a Pending Request" dialogue box will appear (below), navigate to the site certificate that you received. click Next.

    SSL Pending Request Process
  • You will now be presented with the "Certificate Summary" (below), click Next.

    SSL Certificate Summary
  • Install the intermediate certificate :

You have now installed the SSL certificate into our web site. Next enable SSL for OWA.

  • Using the Internet Services Manager, open the properties for the "Exchange" virtual directory.

    Enable SSL for OWA
  • Select the "Directory Security" tab and the click on the "Edit" button in the Secure Communication section.
  • In the "Secure Communications" dialog box (below), check the box "Require Secure Channel (SSL)". You can also check the box "Require 128-bit encryption", if you do check the 128-bit checkbox, any browsers that do not support 128-bit encryption will be unable to connect to OWA.
OWA Path and File Name

When users enter http://ahost.adomain.com/exchange, they will receive an "HTTP 403.4 - Forbidden: SSL required https://ahost.adomain.com/exchange. Please see the Microsoft article regarding forcing the use of SSL with OWA

Finally, ensure that your Firewall is configured to allow HTTPS (port 443 by default) to pass through.