Installing your SSL: Microsoft Exchange 2003
To install your SSL certificate, you will need to do the following:
Step 1 of 10
Open Internet Information Services Manager, or the custom MMC containing the Internet Information Services snap-in.
Step 2 of 10
Expand Internet Information Services (if needed) and browse to the Web site you have a pending certificate request on.
Step 3 of 10
Right-click on the site and then click Properties.
Step 4 of 10
Click the Directory Security tab.
Step 5 of 10
Under the Secure Communications section, click Server Certificate.
Step 6 of 10
On the Web Server Certificate Wizard, click Next.
Step 7 of 10
Choose to Process the Pending Request and Install the Certificate. Click Next.
Step 8 of 10
Type in the location of the certificate response file (you may also browse to the file), and then click Next.
Step 9 of 10
Read the summary screen to be sure that you are processing the correct website security certificate, and then click Next.
Step 10 of 10
You will see a confirmation screen. After reading this information, click Next.
Now you have installed the SSL Certificate you must assign it in Exchange:
Step 1 of 3
Using the Internet Services Manager, open the properties for the Exchange virtual directory.
Step 2 of 3
Select the Directory Security tab and the click on the Edit button in the Secure Communication section.
Step 3 of 3
In the Secure Communications dialogue box, check the box Require Secure Channel (SSL), you could also check the box Require 128-bit encryption, if you do check the 128-bit checkbox, any browsers that do not support 128-bit encryption will be unable to connect to OWA.
Now when users enter http://www.yourdomain.com/exchange, they will receive an "HTTP 403.4 – Forbidden: SSL required Internet Information Services" error message, because we have configured OWA to require SSL. SSL uses the HTTPS protocol, so users would need to enter the url as:
Microsoft has written an article about forcing the use of SSL with OWA: