MSExchange OWA 42

  • Article

 

This article provides an explanation and possible resolutions for a specific Exchange event. If you don't find what you’re looking for here, try searching Exchange 2010 Help.

Details

Product Name

Exchange

Product Version

14.0

Event ID

42

Category

Proxy

Symbolic Name

ProxyErrorSslConnection

Message Text

Client Access server "%1" tried to proxy Outlook Web App traffic to Client Access server "%2". This failed because one of these configuration problems was encountered:%n%n1. "%2" has been set to use "http://" (not using SSL) instead of "https://" (using SSL). You can modify this by setting the InternalUrl parameter of the Outlook Web App virtual directory this proxy traffic is going to. You can set that parameter using the Set-OwaVirtualDirectory cmdlet in the Exchange Management Shell.%n%n2. The destination virtual directory returned an HTTP 403 error code. This usually means it's not configured to accept SSL access. You can change this configuration by using IIS Manager on the Client Access server "%2".%n%nIf you don't want this proxy connection to use SSL, you need to set the registry key "AllowProxyingWithoutSSL" on this Client Access server and to set the InternalUrl and SSL settings for the Outlook Web App virtual directory this proxy traffic is going to accordingly.

Explanation

This Error event indicates the computer that is running the Client Access server role could not proxy a Microsoft Office Outlook Web App request from one Client Access server to a Client Access server that is located in a different Active Directory site. A symptom of this error is that the user referenced in the event description could not use Outlook Web App to log on to their mailbox through the Client Access server in a different site. This event may be caused by one or more of the following:

  • The Outlook Web App virtual directory InternalURL of the target Client Access server does not use HTTPS as the prefix for the address.

  • HTTP 403 status code was returned by the Internet Information Services (IIS) of the target Client Access server.

For more information about this and other IIS status codes, see Microsoft Knowledge Base article 318380, IIS Status Codes.

For more information about Outlook Web App proxying and redirection, see Understanding Proxying and Redirection.

User Action

To resolve this error, take one or more of these steps:

  • Make sure that the InternalUrl address matches the fully qualified domain name (FQDN) of the Client Access server. For example, if you are using HTTPS, the InternalUrl should be in the format https://<InternalFQDN>/owa.

  • Make sure that you have correctly configured the prefix of the InternalUrl. For example, if the Client Access server is configured to proxy the traffic using HTTPS, make sure that the InternalUrl of the Outlook Web App virtual directory starts with the prefix HTTPS. If the Client Access server is configured to proxy the traffic using HTTP, configure the InternalUrl to use HTTP as the address prefix.

  • Make sure that the Outlook Web App virtual directory of the target Client Access server is configured to allow the incoming request to InternalUrl. You configure this setting using Internet Information Services (IIS).

Note It is highly recommended that you proxy the traffic between Client Access servers by using secure HTTPS. HTTPS is the default setting.

To proxy traffic using unsecured HTTP, do the following:

Warning

Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data.

  1. In Registry editor, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchange OWA.

  2. On the Edit menu, point to New, and then click Dword Value.

  3. Type AllowProxyingWithoutSsl, and then press Enter.

  4. Double-click AllowProxyingWithoutSsl.

  5. Under Value data, type 1.

  6. Under Base, click Decimal.

  7. Close Registry Editor.

  8. Restart Internet Information Services (IIS) by using the command iisreset/noforce.

For information about how to modify the properties of Outlook Web App virtual directories using the Set-OwaVirtual Directory cmdlet, see Set-OwaVirtualDirectory.

  • Contact a Microsoft Support professional to resolve this issue. To contact a Microsoft Support professional, visit the Exchange Server Solutions Center. In the navigation pane, click Assisted Support Options and use one of the assisted support options to contact a Microsoft Support professional. Because your organization may have a specific procedure for directly contacting Microsoft Product Support Services, be sure to review your organization's guidelines first.

For More Information

If you are not already doing so, consider running the Exchange tools, which have been created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration aligns with Microsoft best practices. They can also help you identify and resolve performance issues and improve mail flow. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.