Jan 8 2015

Outlook Web Access stops working after renewing 3rd party Certificate

We had an interesting issue this week. We renewed our Exchange certificate with a 3rd party vendor and installed the certificate on Exchange and ISA Server.

OWA access from the internet stopped working after we installed the certificates. We tested OWA internally and it worked, which pointed to something on the ISA server. After a long investigation we found the issue to be ISA running on Windows 2003, which is not compatible with the Secure Hash Algorithm 2 (SHA2) family of hashing algorithms used in the certificates that our 3rd party cert provider issues.

Microsoft has a hotfix available to get around this. We were able to access OWA from the internet after installing this hotfix on the ISA server running Windows 2003 Server.
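A check that can be run on an administrative workstation before a renewed certificate goes onto a Windows 2003 host, added here as an example and not part of the original post: it lists the signature algorithm of each certificate in the chain and flags the SHA-2 ones. The `-Path` parameter and the script layout are assumptions; it needs PowerShell 3.0 or later.

```powershell
# Added example (not from the original post): list the signature algorithm of
# every certificate in a chain and flag the SHA-2 ones.
param(
    [Parameter(Mandatory = $true)]
    [string]$Path    # assumed: path to the renewed certificate (.cer / .crt)
)

# Signature algorithm OIDs that belong to the SHA-2 family.
$sha2Oids = @(
    '1.2.840.113549.1.1.11',  # sha256 with RSA
    '1.2.840.113549.1.1.12',  # sha384 with RSA
    '1.2.840.113549.1.1.13',  # sha512 with RSA
    '1.2.840.113549.1.1.14',  # sha224 with RSA
    '1.2.840.10045.4.3.2',    # sha256 with ECDSA
    '1.2.840.10045.4.3.3',    # sha384 with ECDSA
    '1.2.840.10045.4.3.4'     # sha512 with ECDSA
)

$file = (Resolve-Path -LiteralPath $Path).Path
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $file

# Build the chain from the local certificate stores; revocation checking is
# skipped so the check also works without network access.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
[void]$chain.Build($cert)

# Fall back to the certificate itself if no chain elements were returned.
$certs = @($chain.ChainElements | ForEach-Object { $_.Certificate })
if ($certs.Count -eq 0) { $certs = @($cert) }

$report = foreach ($c in $certs) {
    [pscustomobject]@{
        Subject            = $c.Subject
        SelfSigned         = ($c.Subject -eq $c.Issuer)
        SignatureAlgorithm = $c.SignatureAlgorithm.FriendlyName
        Oid                = $c.SignatureAlgorithm.Value
        Sha2               = ($sha2Oids -contains $c.SignatureAlgorithm.Value)
    }
}
$report | Format-Table -AutoSize

if ($report | Where-Object { $_.Sha2 }) {
    Write-Warning 'SHA-2 signed certificate in chain: Windows Server 2003 hosts need KB938397 before this certificate is installed.'
}
```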

The Microsoft article can be found below. You will find more technical detail within this article and have the opportunity to download the hotfix. Note that you need to restart your Windows 2003 Server after installing the hotfix.

Microsoft KB938397