So you have an Exchange server and a web server on your network, on only one server. What do you do to get the folks who forget to put https at the beginning of your webmail URL to the right spot? If you had multiple IPs it would be easy: just redirect all SSL traffic to a single IP and HTTP to the other. Alas, that is not going to work in this circumstance. So what do you do? The answer is a custom error redirect for the specific URL. Here is a link to the MS article that explains how to do it.

https://support.microsoft.com/kb/555053/en-us

Enabling and enforcing SSL causes users to manually type the https:// portion or they get a 403;4 error page stating SSL is required.  Additionally, users must manually add /exchange to the end of the website in order to connect to OWA.

Q
How do I enable SSL and Form-based authentication?
How can I automatically redirect requests from the http:// site to the https:// site?
How can I automatically redirect the default website to the /exchange virtual directory?
A
The first step in configuring the server is to obtain a certificate (create your own, or purchase one from a 3rd party such as Verisign or Thawte) and assign that certificate to the server. This is performed on the Default Web Site properties, under the Directory Security tab. Once the certificate has been added, no additional configuration is needed on the Default Web Site. SSL does not need to be enabled there. The following steps detail how to enable SSL and forms-based authentication and how to redirect the websites.

1.  On the properties of the Exchange Virtual Directory, go to the same Directory Security tab and under the Secure Communications area, click on Edit.  Choose Require Secure Channel (SSL) and check the box next to require 128-bit encryption.  Follow the same steps for the Public Virtual Directory.
2.  Now that you have enabled SSL, you can enable Forms-based authentication.  Go into Exchange System Manager, and go to the properties of the Default HTTP Virtual Server. Under the Settings tab, check the box Enable Forms-based authentication. Optionally, modify the compression settings.  Setting this to High will have the greatest performance improvement to users.  Forms-based authentication will allow Exchange to display the OWA logon screen instead of the popup window asking for username and password.
3.  Assuming that the only thing IIS does on your Exchange server is OWA, make the following change to redirect requests to the /exchange virtual directory.  Open notepad and type the word redirect.  Save the file with the name redirect.htm into the default web site directory.  Now go to the properties of this file from within IIS Manager, and under the option The content for this resource should come from: choose A redirection to a URL.  In the Redirect to: box, which can now be filled in, type /exchange.

*Note:  If you have additional content on the default web site of your Exchange server and/or host other websites, be aware that after completing this step, requests to the default website will result in automatic redirection to the /exchange virtual directory.  Make sure that you understand the impact of this change.

4.  On the properties of your Default Web Site, go to the Documents Tab. Add redirect.htm to the list of documents, and move it to the top of the list.  This ensures that the server checks for the redirect.htm file first and if it finds it, it will execute it.
5.  Open up notepad again and paste the following code.  Do not modify it. Save the file as owahttps.asp.
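<%
     ' Runs as the custom error page for 403;4 (SSL required).
     ' Only requests that arrived on plain HTTP (port 80) are redirected.
     If Request.ServerVariables("SERVER_PORT")=80 Then
         Dim strSecureURL
         ' Build https://<server name>/exchange
         strSecureURL = "https://"
         strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")
         strSecureURL = strSecureURL & "/exchange"
         Response.Redirect strSecureURL
     End If
%>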
6.  In Windows Explorer, navigate to the wwwroot folder (x:\inetpub\wwwroot where x is the drive IIS is installed) and create a new folder called owaasp.  Place the owahttps.asp file into this directory. Once the directory is created, it should show up in IIS admin.
7.  The next step is to modify the Custom error for 403;4 (SSL required).  Go into the properties of the Exchange Virtual Directory, and go to the Custom Errors tab.  Scroll down and find 403;4 and choose Edit Properties. Change the message type to URL and in the URL, type, /owaasp/owahttps.asp.
8.  Next, in IIS Admin, go to the properties of the owaasp folder and on the bottom, under the Application Pool, choose ExchangeApplicationPool.  If the Application Pool is not available, click the Create button next to Application Name and then you will be able to select the Application Pool.  Once this is configured, requests to https://servername.domain.com will now be redirected to https://servername.domain.com/exchange.
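
One way to confirm the finished configuration from a client machine, as an added example (not part of the Microsoft article or this post): the Python script below follows the redirect chain from http://servername/exchange by hand and reports whether it reaches https://servername/exchange on the same host without the 403;4 page ever being shown. The function names, the SAMPLE chain and the use of the page's placeholder host servername.domain.com are assumptions of the example.

```python
import http.client
import sys
from contextlib import closing
from urllib.parse import urljoin, urlsplit

# Constructed sample chain (not captured traffic); the host name is the page's placeholder.
SAMPLE = [("http://servername.domain.com/exchange", 302, "https://servername.domain.com/exchange"),
          ("https://servername.domain.com/exchange", 200, None)]

def trace(url, max_hops=5):
    """Follow redirects by hand; return [(url, status, location), ...]."""
    hops = []
    for _ in range(max_hops):
        p = urlsplit(url)
        cls = http.client.HTTPSConnection if p.scheme == "https" else http.client.HTTPConnection
        with closing(cls(p.netloc, timeout=10)) as conn:
            conn.request("GET", p.path or "/")
            resp = conn.getresponse()
            status, location = resp.status, resp.getheader("Location")
        hops.append((url, status, location))
        if status not in (301, 302, 303, 307, 308) or not location:
            break
        url = urljoin(url, location)
    return hops

def check_chain(hops, host):
    """Return a list of problems; an empty list means the chain behaves as described."""
    problems, reached = [], False
    # Every URL the client was sent to, in order, starting with the first request.
    visited = [u for u, _, _ in hops[:1]] + [urljoin(u, loc) for u, _, loc in hops if loc]
    for u in visited:
        p = urlsplit(u)
        on_host = (p.hostname or "").lower() == host.lower()
        if not on_host:
            problems.append(f"redirect leaves {host}: {u}")
        if on_host and p.scheme == "https" and p.path.lower().startswith("/exchange"):
            reached = True
    for u, status, _ in hops:
        if status == 403 and u.lower().startswith("http://"):
            problems.append(f"{u} answered 403; the 403;4 custom error is not in effect")
    if not reached:
        problems.append(f"chain never reached https://{host}/exchange")
    return problems

if __name__ == "__main__":  # with no argument, check the constructed sample offline
    live = sys.argv[1:]
    hops = trace(f"http://{live[0]}/exchange") if live else SAMPLE
    print(check_chain(hops, live[0] if live else "servername.domain.com") or "OK")
```

Run it with the server's host name as the only argument to test a live server. A self-issued certificate will fail Python's default TLS verification unless the client machine trusts it.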

 

By admin