After upgrading Exchange Server 2010 to Service Pack 2 you can access Outlook Web App without SSL as usual, but there’s the following problem after signing in successfully to OWA by http://servername/
When you click on Options, or ‘new mail’ or many other places, an error message appear: “Your request couldn’t be completed. This may have occurred for security reasons or because your session timed out”.
If you access OWA by https://servername/, everything is ok, Unchecking “Require SSL” settings in IIS doesn’t help. (if it isn’already unchecked)
The solution is editing the web.config file and change the requireSSL=”true” to “false” , see the steps below :
- Find the Outlook Web App Web.config file on the Client Access server. The default location is <drive>\Program Files\Microsoft\Exchange Server\<version>\ClientAccess\Owa.
- Make a backup copy of the file.
- Open the original file using an editor such as Notepad. Don’t use IIS Manager to edit the Web.config file.
- Find httpCookies httpOnlyCookies=”false” requireSSL=”true” domain=”” and change the requireSSL flag to false.
- Save and close the file.
- For the new settings to take effect, open a Command Prompt window, and then type iisreset /noforce to restart IIS.
NOTE it is safer to use HTTPS everywhere (instead of bridging HTTPS –> HTTP)
Disclaimer : The author reserves the right not to be responsible for the topicality, correctness, completeness or quality of the information provided.