Strange SSL behaviour with Exchange


Hi everyone,

I observe a very weird behavior with the SSL certificates of an exchange installation. So, I have 2 x Exchange servers in DAG configuration and free load master in front. I have configured on all of them a third party certificate. My DNS records point to the VIP of the LB.  Now, when I start a session to the exchange OWA, it passes the proper COMODO certificate up to the authentication screen. Once authenticated, and when the mails are displayed, the server passes some sort of self signed certificate which is not even configured on the exchange servers (there I only have my Comodo and the WinMSC) and the address bar becomes amber. When I connect straight to the exchange nodes, the proper SSL is passed even after authentication.

Now, this behaviour is only with the OWA. When I try ECP, I get always the proper certificate even after authentication.

Has someone bumped into this?

1 comment

Mark Deegan

Hello Vaselin,

Can you make sure the DNS name for the owa site is contained in the cert. Another thing to check is whether you have the intermediate and root certs from your CA installed on the loadmaster.