|Message:||Microsoft Exchange Client Access server “%1” attempted to proxy Outlook Web Access traffic to Client Access server “%2”. This failed because the Outlook Web Access registry key “AllowInternalUntrustedCerts” is set to “0”, but no certificate trusted by “%1” was available for the Secure Sockets Layer (SSL) encryption of the proxy connection.|
The Warning event indicates the computer that is running the Client Access server role could not proxy a Microsoft Office Outlook Web Access request from one Client Access server to a Client Access server that is located in a different Active Directory directory service site. This event occurs if the following conditions are true:
In a Microsoft Exchange Server 2007 organization, a Client Access server can act as a proxy for other Client Access servers within the organization. This is useful if the following conditions are true:
By default, the proxying process allows the use of an untrusted security certificate to create a secure HTTPS connection. You can create the AllowInternalUntrustedCerts registry key to change the default behavior.
For more information about Outlook Web Access proxying and redirection, see Understanding Proxying and Redirection.
To resolve this warning, follow one of more of these steps:
If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.