Tip: Understand and Fix the Outlook Web App Security Warning

Follow Our Daily Tips

TechNet Tips library

By default, Client Access servers are configured to use Secure HTTP (HTTPS) for Outlook Web App. When you install Exchange Server 2010, a self-signed security certificate is automatically issued for the Client Access server. Since this default certificate is not issued by a trusted certificate authority, users will see a warning when they access OWA stating that there is a problem with the Web site’s security certificate.

At the warning prompt, the user simply needs to click the Continue To This Website link to access the Outlook Web App. Of course, this warning can be disconcerting to the user and have users click to continue anyway sets a bad precedent, training users to ignore online security warnings.

The user will see this warning continuously until you install a certificate from a trusted source on the server.

Tip adapted from Microsoft Exchange Server 2010 Administrator’s Pocket Consultant, by William R. Stanek.