Select the product you need help with
When you use a Outlook Web Access client to access an Exchange Server 2003 computer, you may receive an "HTTP 403.4" error messageArticle ID: 839913 - View products that this article applies to. On This PageSYMPTOMSWhen
you use a Microsoft Outlook Web Access client computer to access a Microsoft Exchange Server 2003
computer that is configure for Forms Based Authentication (FBA), you may receive the following error message: The page must be viewed over a secure channel
The page you are trying to access is secured with Secure Sockets Layer (SSL). Please try the following: Type https:// at the beginning of the address you are attempting to reach and press ENTER. HTTP Error 403.4 - Forbidden: SSL is required to view this resource. Internet Information Services (IIS) CAUSEThis problem occurs if the OWA client accesses the Exchange 2003 computer through a third-party
firewall server. For example, you use the following URL: https://myserver/exchange The SSL hardware
accelerator that is installed in the third-party firewall decrypts the request and then passes
the following URL to the Exchange 2003 computer: http://myserver/exchange Then, Exchange 2003 returns the following URL to the OWA client:
http://myserver/exchange When
the OWA client uses this URL to log on to the Exchange
2003 computer, you receive an "HTTP Error 403.4" error message.RESOLUTIONImportant This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base: 322756
(http://support.microsoft.com/kb/322756/
)
How to back up and restore the registry in WindowsHotfix informationThe hotfix for Exchange 2003 without Service Pack 1A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix. Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site: http://support.microsoft.com/contactus/?ws=support Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
(http://support.microsoft.com/contactus/?ws=support)
File informationThe English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.Date Time Version Size File name -------------------------------------------------------------- 19-Apr-2004 06:49 6.5.6980.82 67,584 Owaauth.dll The hotfix for Exchange 2003 Service Pack 1A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix. Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site: http://support.microsoft.com/contactus/?ws=support Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
(http://support.microsoft.com/contactus/?ws=support)
File informationThe English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.Date Time Version Size File name -------------------------------------------------------------- 15-Jun-2004 17:07 6.5.7232.1 67,584 Owaauth.dll
WORKAROUNDTo work around this problem, manually change the URL. To do this, type https://myserver/exchange/ in the Address bar in Microsoft Internet Explorer. STATUSMicrosoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. MORE INFORMATIONIf you monitor the traffic that is captured between the third-party firewall and the Exchange 2003 computer, you notice a frame that is sent from the Exchange 2003 computer to the third-party firewall. This frame contains the following information about the location of the logon.asp page:
Note This problem does not occur if Exchange 2003 is configured with Microsoft Internet Security and Acceleration (ISA) Server 2000 or with Microsoft Internet Security and Acceleration Server 2004. ISA Server can send a corrected URL back to the OWA client. REFERENCES
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
327800
(http://support.microsoft.com/kb/327800/
)
How to configure SSL Offloading for Outlook Web Access in Exchange 2000 Server and in Exchange Server 2003
824684
(http://support.microsoft.com/kb/824684/
)
Description of the standard terminology that is used to describe Microsoft software updates
817903
(http://support.microsoft.com/kb/817903/
)
New naming schema for Exchange Server software update packages
Properties |
Back to the top
