SSL is enabled on the Public virtual directory

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at]  

Topic Last Modified: 2010-04-01

The Microsoft Exchange Best Practices Analyzer examines the security settings for the Public virtual directory on Exchange Server 2003-based computers. The tool examines these settings to determine whether Secure Sockets Layer (SSL) is configured on the Public virtual directory.

If the Analyzer detects that SSL is enabled, the tool generates a warning message. Having SSL enabled on the Public virtual directory interferes with free/busy public folder lookup requests.

Exchange provides access to public folders from Microsoft Office Outlook or from a Web browser or mobile device. To provide public folder access from Web browsers or mobile devices, Exchange uses the Public virtual directory in Internet Information Services (IIS).

Web client programs can use public folders to obtain free/busy information for Exchange calendars.


Users who are connected to Exchange 2003 mailboxes use public folders to access free/busy information.

To address this issue, modify the directory security settings on the Public virtual directory on the Exchange 2003 server to disable SSL.

To modify virtual directory permissions in Internet Information Services (IIS)

  1. Start Internet Information Services (IIS) Manager.

  2. Expand the server, expand Web Sites, expand Default Web Site, right-click Public, and then click Properties.

  3. Click the Directory Security tab, and then click Edit under Secure communications.

  4. Click to clear the Require secure channel (SSL) check box, and then click OK two times.

  5. At a command prompt, run the iisreset command to reset IIS.