After upgrading Exchange Server 2010 to Service Pack 3 you can access Outlook Web App without SSL as usual, but there’s the following problem after signing in successfully to OWA by http://servername/

We have a c

When you click on Options, or ‘new mail’ or  many other places, an error message appear: “Your request couldn’t be completed. This may have occurred for security reasons or because your session timed out”.

If you access OWA by https://servername/, everything is ok, Unchecking “Require SSL” settings in IIS doesn’t  help.

The solution is editing the web.config file and change the requireSSL=”true” to “false” , see the steps below :

  1. Find the Outlook Web App Web.config file on the Client Access server. The default location is <drive>Program FilesMicrosoftExchange Server<version>ClientAccessOwa.
  2. Make a backup copy of the file (Important!)
  3. Open the original file using Notepad.
  4. Find httpCookies httpOnlyCookies=”false” requireSSL=”true” domain=”” and change the requireSSL flag to false.
  5. Save and close the file.
  6. For the new settings to take effect, open a Command Prompt window, and then type iisreset to restart IIS.

2 thoughts on “Exchange 2010 SP3 – Your request couldn’t be completed. This may have occurred for security reasons

  1. great find. solved my problem. with the flag set to true and SSL unchecked on the virtual directory, when a user would log into OWA without SSL, get-logonstatistics would spike up dramatically and the session limit would be reached and the associated error would be thrown to the client. changing the value to false in the web.config completely solved the problem. no extraneous sessions are established and the session limit is not reached.

  2. Thanks thanks thanks. Worked for me immediately. We use OWA heavily and the morning after SP3 everything went to shit. This fixed it.

Leave a Reply

Your email address will not be published. Required fields are marked *