IIS Integration

Posts: 26
Joined: Mon Aug 01, 2011 4:43 pm

IIS Integration

Postby aram » Tue Jun 26, 2012 5:26 pm

Why isn't the Mailenable Protocols site listed in the IIS Integration tab in Active Sync management ?
I do have the checkbox set to show non-SSL sites.
The Mailenable Protocols site App Pool is started and I had a success with the connection test.
Running Enterprise 6.54

Seems I cannot move forward without the MailEnable Protocols site showing up in the
IIS Integration tab list, as I would want to use the MailEnable Protocols site for this test
(non-SSL) as well as when we go live (after I add our wildcard SSL cert to the site).
I have setup a Host header in the MailEnable site that has been registered properly in DNS.

I do have a wild card SSL cert, but don't yet want to install it on the MailEnable Protocols site
until I do an eval under non SSL with my iPhone.


Site Admin
Posts: 4441
Joined: Tue Jun 25, 2002 3:03 am
Location: Melbourne, Victoria Australia

Re: IIS Integration

Postby MailEnable » Wed Jun 27, 2012 6:33 am

Hi Dan,

The Protocols site is not listed because the Protocols site is already configured to service EAS and Autodiscovery requests (it is a special case).
ie: there is no need to configure that site with ActiveSync or Autodiscovery - and if you do so, it will actually break ActiveSync and Autodisccovery for the site (and thats why it does not appear)

The protocols site is there to configure host headers only. You dont need to create virtual directories under that site.
ie: you simply need to add the host header binding (and presumably SSL certificate) under IIS.

But, the other sites are listed so you can add ActiveSync support to an existing site. eg: a customer web site.
The advantage of this, is that those sites might already be configured to service SSL requests.
For example, if you have a customer web site for http://www.example.com and it had an SSL binding for https://www.example.com then you would enable autodiscovery and activesync for that site and simply create SRV records for to direct other domains to utilitise autodiscovery and activesync. ie: the SRV record would point to http://www.example.com for other mail domains.

The use of the protocols site applies if you want to define a new host purely for activesync or autodiscovery.

General Principals in Configuring SSL

The first thing is to get ActiveSync working without SSL (autodiscovery requires SSL to work properly, but ActiveSync itself can function without SSL).

In terms of SSL, as a general rule, you should consider what SSL certificates are available to you.

If you have only a single SSL certificate on the server, then the IIS web site that is configured with that certificate is the one that should be configured with ActiveSync and Autodiscovery.

You would only use the protocols web site if you have a wildcard certificate for a domain or you explicitly obtain a certificate for an activesync host.
Regards, Andrew

Posts: 26
Joined: Mon Aug 01, 2011 4:43 pm

Re: IIS Integration

Postby aram » Wed Jun 27, 2012 8:10 pm

Thanks Andrew...very good clarification.


Who is online

Users browsing this forum: No registered users and 1 guest