When offloading SSL for OWA, you should follow the recommendations set by Microsoft. Progress Kemp understands these recommendations to be:

  1. In the main menu of the LoadMaster WUI, select Virtual Services.
  2. Select Add New.

  3. Enter a valid Virtual Address.
  4. Enter 443 as the Port.
  5. Enter a recognisable Service Name, for example Exchange 2010 OWA.
  6. Select tcp as the Protocol.
    Note: The combination of Virtual Address, Port and Protocol must be unique within the LoadMaster.
  7. Click Add this Virtual Service.
  8. Configure the settings as shown in the following table:

    * By default, a self-signed certificate is used. Click OK when a message displays indicating that there is no SSL certificate currently available for your Virtual Service. Optional: You can export the appropriate certificate and key from Exchange 2010 using the Microsoft export information found at http://technet.microsoft.com/en-us/library/bb310778.aspx . Ensure to export the certificate and private key as a Personal Information File (PFX). An SSL certificate can be obtained from any certificate authority. When prompted by a third party certificate authority to specify a server type, indicate “Apache”. The format of Apache server type certificates is recognized by the LoadMaster. Optional: You can import the appropriate PFX certificate and key file into the LoadMaster. For instructions on how to do this, refer to the Importing and Assigning an SSL Certificate section.

    Section

    Option

    Value

    		 Comment
    SSL Properties SSL Acceleration Enabled*

    Standard Options

    		Transparency Disabled
    Persistence Mode Super HTTP
    Persistence Timeout 1 Hour

    		Idle Connection Timeout 900 Click Set Idle Timeout.

    Advanced Properties

    		Add Header to Request FRONT-END-HTTP:ON Click Add Header.
    Redirection URL https://%h%s Click Add HTTP Redirector. This creates a redirect Virtual Service on port 80 with the same IP address.

    Real Servers

    		Real Server Check Method HTTP Protocol
    Checked Port 80 Click Set Check Port.
    URL /owa Click Set URL.
  9. Click the Add New… button.

  10. Enter the Real Server Address.
  11. Enter 80 as the Port.
  12. Click Add This Real Server.
  13. Click OK in response to the confirmation that the Real Server was added.

To view, modify, or delete any Real Servers that have been added, select the Virtual Services > View/Modify Services option in the main menu of the LoadMaster WUI.

The HTTP redirect Virtual Service needs to be configured. Refer to the Creating the Virtual Service for the RPC CA (MAPI) & Address Book Service section for instructions on how to do this.