Topic Last Modified: 2010-01-26
The Microsoft Exchange Server 2010 Management Pack for System Center Operations Manager monitors the Windows Application log on computers running Exchange 2010 and generates this alert when the events specified in the following Details table are logged.
To learn more about this alert, in Operations Manager, do one or more of the following:
- From the Operations Console, double-click this alert, and then
click the General tab. Review the description of the alert
that includes the variables specific to your environment.
- From the Operations Console, double-click this alert, and then
click the Alert Context tab. Review the logged events that
meet the criteria of this Operations Manager alert.
Details
|
Product Name |
Exchange |
|
Product Version |
14.0 (Exchange 2010) |
|
Event ID |
43 |
|
Event Source |
MSExchange OWA |
|
Alert Type |
Error |
|
Rule Path |
Microsoft Exchange Server/Exchange 2010/Client Access/Outlook Web Access |
|
Rule Name |
The Outlook Web App proxy failed because it couldn't find a trusted certificate for SSL encryption. |
Explanation
The Warning event indicates the computer that is running the Client Access server role could not proxy a Microsoft Office Outlook Web App request from one Client Access server to a Client Access server that is located in a different Active Directory site. This event occurs if the following conditions are true:
- The security certificate presented by the remote proxying
Client Access server is not trusted by the Client Access server
that initiates the proxy request.
- The Client Access server that initiates the proxy request does
not allow untrusted security certificates for proxying.
In an Exchange Server 2010 organization, a Client Access server can act as a proxy for other Client Access servers within the organization. This is useful if the following conditions are true:
- Multiple Client Access servers are present in different
Active Directory sites in an organization.
- Only one Client Access server is exposed to the Internet.
By default, the proxying process allows the use of an untrusted security certificate to create a secure HTTPS connection. You can create the AllowInternalUntrustedCerts registry key to change the default behavior.
For more information about Outlook Web App proxying and redirection, see Understanding Proxying and Redirection.
User Action
To resolve this warning, follow one of more of these steps:
- Verify that the security certificate installed at
Outlook Web App virtual directories of the remote
proxying Client Access server is from a trusted certifying
authority.
- Configure the Client Access server that initiates the proxy
request to use an untrusted security certificate for proxying. You
configure this setting by editing the registry.
Caution Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data.
For More Information
If you are not already doing so, consider running the Exchange tools created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration aligns with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.