EX13-CA-000150 - Exchange OWA must use https - External

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Without protection of the transmitted information, confidentiality and integrity may be compromised since unprotected communications can be intercepted and either read or altered.

Solution

Open the Exchange Management Shell and enter the following command:

Set-OWAVirtualDirectory -Identity '<IdentityName>\owa (Default Web Site)' -ExternalUrl 'https://URL' -InternalUrl 'https://URL'

Note: The <IdentityName>\owa (default web site) value must be in quotes.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2013_Y21M01_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13, CAT|I, CCI|CCI-002418, Rule-ID|SV-84397r2_rule, STIG-ID|EX13-CA-000150, Vuln-ID|V-69775

Plugin: Windows

Control ID: 35d8180c4492976850bfc80c52d303ebe0656689ea3dc16a8bee4bb4443bff1f