EX13-CA-000150 - Exchange OWA must use https - External

Information

Without protection of the transmitted information, confidentiality and integrity may be compromised since unprotected communications can be intercepted and either read or altered.

Solution

Open the Exchange Management Shell and enter the following command:

Set-OWAVirtualDirectory -Identity '<IdentityName>\owa (Default Web Site)' -ExternalUrl 'https://URL' -InternalUrl 'https://URL'

Note: The <IdentityName>\owa (default web site) value must be in quotes.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Exchange_2013_Y21M12_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CAT|I, CCI|CCI-002418, Rule-ID|SV-234794r617323_rule, STIG-ID|EX13-CA-000150, STIG-Legacy|SV-84397, STIG-Legacy|V-69775, Vuln-ID|V-234794

Plugin: Windows

Control ID: e307ea12934c1a55bc72bd5da170bfdde9b5c7d134a51ad64da635034563289b