How to Configure the RPC Proxy Server to Allow for SSL Offloading on a Separate Server
This topic explains how to configure the RPC proxy server to allow for Secure Sockets Layer (SSL) offloading on a separate server. SSL offloading occurs when you use a server other than the RPC proxy server to handle your SSL encryption and decryption. For example, if the firewall in front of the RPC proxy server handles the SSL encryption and decryption, terminates the SSL session and then establishes a new non-SSL session to the RPC proxy server, you are using SSL offloading. If you use SSL offloading, you must set a special registry setting on the RPC proxy server.
Before You Begin
To successfully complete the procedure in this topic, confirm that you have configured your authentication correctly.
Note
In Exchange Server 2003 SP1, authentication for RPC over HTTP on an RPC proxy server is configured automatically.
This topic contains information about editing the registry.
Warning
Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data.
Procedure
To configure the RPC proxy server to allow for SSL offloading on a separate server
On the RPC proxy server, start Registry Editor (Regedit).
In the console tree, locate the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
Create a DWORD value with the name AllowAnonymous.
Right-click the AllowAnonymous DWORD value, and select Modify.
In the Value data field, enter 1.
Important
On the RPC virtual directory security settings in Internet Information Services (IIS), under Authentication methods, verify that the check box next to Enable anonymous access is cleared.
Restart the World Wide Web Publishing Service (W3SVC) in the services snap-in to Microsoft Management Console (MMC).
For More Information
For more information, see:
Microsoft Knowledge Base article 833003, "Description of the RPC over HTTP feature and the AllowAnonymous registry entry in Windows Server 2003" (https://go.microsoft.com/fwlink/?Linkid=3052&kbid=833003)
How to Deploy RPC over HTTP for the First Time on Exchange Server 2003 SP1, No Front-End Server
How to Deploy RPC over HTTP for the First Time on Exchange Server 2003, Front-End/Back-End Scenario
How to Deploy RPC over HTTP for the First Time on Exchange Server 2003, No Front-End Server