In previous blog, I simplify the configurations to a non-SSL environment, of cause, this is not the Exchange Server 2007 Default Settings and it is not fit for production environment, now I would like to change the settings back.

1. Remove All SSL setting in the Exchange Server 2007 (ignore the steps if you are using Default Settings).

1). Change the internal URL to back to HTTPs.

2). Un-check Require SSL option of SSL Settings in IIS Manager for OWA and Public virtual directory (vDir).

3). Restart IIS using IISReset /noforce.

4). Access the Test public folder “https://exchangeserver/public” for testing purpose.

you would see the URL direct to “https://exchangeserver/OWA” with an SSL certificate name warning.

You could ignore it by choosing Continue to this website, or add the certificate to Trusted Root Certification Authorities to resolve the issue.

(Optional) I do not like the default Exchange certificate (it is issued to NetBIOS name and make my demo failed a few times), so I create Self-Signed Certificate to replace it. you could create you own or using your current certificate based on your real environment.

In IIS Manager, Click Server Certificates.

In Actions, choose Create Self-Signed Certificate. Give a friendly name, click OK.

2. Add a new content source in SharePoint to crawl.

3. Start a Full Crawl for testing and an error 0x80040E4D.

if you checked Ignore SSL certificate name warnings in Central Administration > Application Management > Search Service > Farm-Level Search Settings, the error would looks like:

The error message for 0x80040E4D is DB_SEC_E_AUTH_FAILED which indicates this is an authentication error, and it seems a certificate error.

4. Add a crawl rule to attach the certificate.

1). Export the certificate from Exchange Server 2007 from IIS Manager.

2). Import to Index Server of SharePoint Farm.

Start > Run > mmc to open Microsoft Management Console.

 

Add Certificates Snap-in to the console, and choose Computer account. Click OK.

Import the certificate to Personal and Trusted Root Certification Authorities.

3). Create a new rule for the IIS site hosts Exchange services and attach the certificate to the crawler.

5. Start a Full Crawl for testing again and get a weird certificate error which I totally do not understand.

forget it, I have already attached the certificate to the crawler.

6. Assign the crawler to use a account which has the permission to access to Exchange OWA.

You could choose using another content access account or form credentials based on your OWA configurations.

Please make sure this rule has priority over the certificate rule.

and the rules looks like:

7. Start a Full Crawl for testing. Congratulations!  You made it!

Comments:

The key point is the SSL certificate, you may also need to check the settings in Central Administration > Application Management > Search Service > Farm-Level Search Settings.

If you get warnings when access the Public Folder in IE, you need to make sure the option is checked.

Specially thanks to Weiyi Hu, who is a support engineer in Microsoft, Some of the steps come from one of her cases.