How to Install Certificates on Outlook Web Access
- Open Internet Services Manager from your Administrative Tools.
- Open the Properties for the Web Site that is hosting OWA (normally the Default Web Site).
- Select the "Directory Security" tab and click "Server Certificates".
- You will now be presented with the "Pending Certificate Request" dialog box (below), select "Process the pending request and install the certificate", click Next.
- The "Process a Pending Request" dialogue box will appear (below), navigate to the site certificate that you received. click Next.
- You will now be presented with the "Certificate Summary" (below), click Next.
- Install the intermediate certificate :
You have now installed the SSL certificate into our web site. Next enable SSL for OWA.
- Using the Internet Services Manager, open the properties for the "Exchange" virtual directory.
- Select the "Directory Security" tab and the click on the "Edit" button in the Secure Communication section.
- In the "Secure Communications" dialog box (below), check the box "Require Secure Channel (SSL)". You can also check the box "Require 128-bit encryption", if you do check the 128-bit checkbox, any browsers that do not support 128-bit encryption will be unable to connect to OWA.
When users enter http://ahost.adomain.com/exchange, they will receive an "HTTP 403.4 - Forbidden: SSL required https://ahost.adomain.com/exchange. Please see the Microsoft article regarding forcing the use of SSL with OWA
Finally, ensure that your Firewall is configured to allow HTTPS (port 443 by default) to pass through.