Now we should be able to verify that a user will be *forced* to use an SSL connection regardless of whether they type in HTTP or HTTPS. Take a look at figure 14 to see if all our hard work has paid off!
We can see that it works if we type in the secure port (HTTPS) so now let’s see what happens when we type in HTTP. Figure 15 provides the proof. You need to look in the address bar to see that we are being redirected to the secure site even though we use the unsecured port (HTTP). Figure 15
Alrighty then, it looks like we have accomplished two of our three goals to this point. We have enabled SSL on our OWA server, and we have even configured it so that users are *forced* into an SSL connection when they connect to the OWA server. All that leaves us then is configuring the password change utility.