Share via

Getting 503 errors on Exchange Server when accessing OWA or ECP

Kirk Becker 0 Reputation points
2025-12-08T01:02:37.6366667+00:00

We are in an emergency situation as one of our exchange servers is down, and while it appears our secondary is up with the Databases (which we failed to), we cannot access the OWA or ECP sites without getting a 503 error (service unavailable). We have checked the certificates on the Exchange back end and are using the Exchage self cert. Any other advise to get his up and running while we work on the hardware issue on the second server?

Exchange | Exchange Server | Management
Exchange | Exchange Server | Management
The administration and maintenance of Microsoft Exchange Server to ensure secure, reliable, and efficient email and collaboration services across an organization.
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Hani-Ng 5,790 Reputation points Microsoft External Staff Moderator
    2025-12-08T02:46:48.97+00:00

    Hi Kirk Becker

    Thank you for posting your question in Microsoft Q&A Forum.

    Based on the symptoms described, I understand that specifically the 503 Service Unavailable error occurs on OWA/ECP while the databases are mounted, and you have checked that the Exchange Back End is already bound to the "Microsoft Exchange" certificate, but the 503 error persists.

    A 503 error usually means that even though the door is open (the port is bound), the service behind it has crashed or is refusing connections. Here are some recommend steps for specific checks you can try:

    Check for Stopped Application Pools: If the binding is correct but the App Pool is stopped, you will get a 503.

    • Open IIS Manager and expand Application Pools > locate MSExchangeOWAAppPool and MSExchangeECPAppPool. If they showing as Stopped, right-click and Start them.
    • Note: If they start and then immediately stop again after you try to access the webpage, please let me know. This indicates a configuration corruption.

    Verify the "Microsoft Exchange" Certificate Validity

    Exchange often retains old, expired certificates that are also named "Microsoft Exchange." You may have inadvertently bound an expired one.

    • In IIS > Exchange Back End > Bindings > Port 444 > Edit.
    • Click the View button on the selected certificate and check the validity. If the certificate is expired, select the other "Microsoft Exchange" certificate in the dropdown list (the one with a valid date).

    Force Configuration Reload

    If you changed bindings recently, IIS might still be holding the old configuration in memory. May I ask if you ran cmdiisreset? If not, please open Command Prompt as Administrator and run it.

    Check Server Component States

    Since this is a secondary server, it may still be partially in Maintenance Mode or Inactive.

    Open Exchange Management Shell and run: 

    Get-ServerComponentState -Identity <ServerName>

    And please ensure that ServerWideOffline, OwaProxy, and Owa are set to Active.

    If they are Inactive, run:

    Set-ServerComponentState -Identity <ServerName> -Component ServerWideOffline -State Active -Requester Maintenance

    For detailed information, you can refer to:

    Get-ServerComponentState (ExchangePowerShell) | Microsoft Learn

    Set-ServerComponentState (ExchangePowerShell) | Microsoft Learn

    I hope my answer helps you, and I look forward to your update. For any further concerns, kindly let me know in the comment section.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.