Autodiscover Redirect Certificate Error
Contents |
(עברית)المملكة العربية السعودية (العربية)ไทย (ไทย)대한민국 (한국어)中华人民共和国 (中文)台灣 (中文)日本 (日本語) HomeOnline20132010Other VersionsLibraryForumsGalleryEHLO Blog Ask a question Quick access Forums home Browse forums users FAQ Search related threads Remove From My Forums Answered by: autodiscover cert error with new domain added to exchange Previous Versions of Exchange >
Autodiscover Certificate Keeps Popping Up
Exchange 2003 and Exchange 2007 - General Discussion Question 0 Sign in to exchange 2010 autodiscover certificate name mismatch vote Hi All Need a bit of advice regarding an issue I am having with autodiscover. My company only ever outlook 2010 autodiscover certificate error used 1 domain for my exchange so I purchased a UCC 10 SAN cert from GoDaddy and used this for exchange as well as RDS roles and other. All worked fine up
Autodiscover Certificate Error Exchange 2013
until now. I have a new domain coming into my exchange and have mailboxes with default SMTPs address configured for this new domain (This new mailboxes don’t use the old domain, only the new one). The new domain isn’t on the cert so when I setup exchange on first run I am getting: “autodiscover.newdomain.co.uk. Information you exchange with this site cannot be viewed or
Autodiscover Certificate Error Exchange 2007
changed by others. However, there is a problem with the sites security certificate. The security certificate is from a trusted certifying authority Yes, No. View cert.” If relevant, this is in an RDS environment Server 2008 R2 and Outlook 2013 SP1 So a couple of questions What problems can I expect if I just click yes? Outlook works fine if I click yes and close down and reopen. It does not reappearCan I resolve this without updating my cert with the new domain? I have been reading about using a .XML and pointing autodiscover to the domain on my cert. Is this a solution? Many thanks for any advice Thomas Saturday, March 01, 2014 6:40 PM Reply | Quote Answers 0 Sign in to vote Problem 1: Hmmm . . . if the Outlook clients are able to access the AD they should be picking up the CAS that autodiscover will us by finding the Service Connection Point (SCP) associated with the AD site. Is it that the machines having the problem are not domain-joined to a domain in your AD forest? That would causethem to fall back to using the RPC-ov
you also need an autodiscover.domain.com A record for each domain that you require autodiscover for. In this post, I'll autodiscover certificate error office 365 demonstrate how you can configure Autodiscover for multiple domains while using only
Autodiscover Ssl Certificate Error
a single name on your certificate. Background on the SRV autodiscover method Outlook can use different methods autodiscover redirect warning in outlook 2010 to find the autodiscover response - see here. One of these methods uses an SRV record such as _autodiscover._tcp.domain.com to provide the hostname of your Exchange server such https://social.technet.microsoft.com/Forums/exchange/en-US/46acd550-1942-44e4-b742-9ec2ac21b215/autodiscover-cert-error-with-new-domain-added-to-exchange?forum=exchangesvrgenerallegacy as mail.litwareinc.com. The Outlook client then retrieves the autodiscover XML file using the URL https://mail.litwareinc.com/autodiscover/autodiscover.xml. As you can see, there is no HTTPS connection made to https://autodiscover.domain.com and therefore there is no need for this name on the certificate. Lab setup In this demonstration, we have an Exchange 2013 and 2016 server in the organization. The http://markgossa.blogspot.com/2015/11/exchange-2013-2016-autodiscover-with-multiple-domains-and-single-name-certificate.html accepted domains are below: litwareinc.com litwareinc-marketing.com litwareinc-sales.com Our certificate only has a single name - mail.litwareinc.com and all virtual directories, our Service Connection Points (AutodiscoverServiceInternalUri) and Outlook Anywhere hostnames/URLs are all configured to use mail.litwareinc.com. Create the SRV records For more information on how to create SRV records, see here. For our domains, we need to create the same SRV record in each of the forward lookup zones on our internal and external DNS servers. The SRV record we need is below: Service: _autodiscover Protocol: _tcp Port Number: 443 Host: mail.litwareinc.com Priority: 0 Weight: 0 Confirm that the SRV records are set up correctly using nslookup Run the below commands to check that the SRV record is created correctly: nslookup set q=srv server 10.2.0.10 (this needs to be one of your internal DNS servers) _autodiscover._tcp.litwareinc.com _autodiscover._tcp.litwareinc-marketing.com _autodiscover._tcp.litwareinc-sales.com Repeat the above test but set the server to a public DNS server such as 8.8.8.8 so that you can check your public SRV records are created successfully. Remove the autodiscover
GROUP SPONSORED BY EXCLAIMER IN THIS DISCUSSION SSL Certificate Microsoft Security Client Microsoft Exchange Server 2010 Join the Community! Creating your account only takes https://community.spiceworks.com/topic/945849-autodiscover-security-alert a few minutes. Join Now Hello, I have a client who had an http://serverfault.com/questions/627870/outlook-security-alert-the-name-on-the-security-certificate-is-invalid-or-does on premise exchange server and they moved their exchange to a parent companies exchange server. They have a different domain name than the parent company. Since they moved the mailboxes they have been getting a Security Alert every time Outlook opens. The message says autodiscover.theirdomainname.com Information you exchange with this site cannot certificate error be viewed or changed by others. However, there is a problem with he sites security certificate. Then a red X next to The name on the security certificate is invalid or does not match the name of the site. Their email works fine other than this message. Reply Subscribe RELATED TOPICS: random autodiscover security alert popup using outlook2010 with exchange 2003 autodiscover security alert autodiscover certificate error in outlook Why your brain shuts down when you see a security alert   7 Replies Tabasco OP md0221 May 11, 2015 at 7:44 UTC Did the parent company modify their SSL certificate to accommodate the new domain? 2 Anaheim OP 21tech May 11, 2015 at 7:48 UTC I don't know. I will ask, I know I asked the parent company if this company still needed their ssl cert and they said no they wouldn't need it anymore. 0 Serrano OP jasonroper May 11, 2015 at 7:49 UTC Sounds like they'll need to have the SSL cert for that domain re-issued from the new server. Generate a request from the new server and you can get the cert re-issued. 1 Anaheim OP 21tech May 11, 2015 at 7:56 UTC Just to make sure I understand. I need to get the ssl cert reissued for our domain name and point it to the new exchange server for the parent company? 0 Habanero OP OverDrive May 11, 2015 at 8:05 UTC You'll need to do a bit more than
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top Outlook security alert - The name on the security certificate is invalid or does not match the name of the site up vote 13 down vote favorite 4 SBS 2008 running Exchange 2007 and IIS6.0 CompanyA has two other companies that operate under the same roof. To accommodate email, we have 3 Exchange accounts per user to manage this. All users use their CompanyA account to log into the domain. CORP\user user@companyA.com CORP\user-companyb user@companyB.com <-- only used for email CORP\user-companyc user@companyC.com <-- only used for email Email works fine internally and via OWA. The problem exist when setting up Outlook for remote users who need access to companyB and companyC emails, Outlook pops up the certificate error. The SSL cert SAN has the following DNS names: webmail.companyA.com www.webmail.companyA.com CORP-SBS CORP-SBS.local autdiscover.companyA.com I was told by the users who access companyC email address remotely that this never used to happen before. This started with the CEO changed DNS providers on his own and in the process the original DNS settings were lost. He mentioned something about an SRV record being created which corrected this issue but that's about it. Looking for guidance on how to properly address this. ssl exchange outlook certificate