Exchange Server 2007 Autodiscover Certificate Error
Contents |
Exchange TeamApril 30, 200726 0 0 0 Update 10/4/2007: Since this post has been published, we've updated the Exchange 2007 Autodiscover Service whitepaper to autodiscover certificate error exchange 2010 include this information. Please consult the whitepaper for most up-to-date information. exchange 2003 autodiscover certificate error In Exchange 2007, we introduce the idea of the Autodiscover service. This service allows your Outlook 2007 outlook autodiscover certificate error exchange 2010 clients to retrieve the URLs that it needs to gain access to the new web services offered by Exchange 2007. These web services (OAB, Unified Messaging, OOF, and autodiscover certificate error exchange 2013 Availability) provide a good portion of the new functionality available to Outlook 2007. For more details about the Outlook 2007 features that light up based on the Exchange server version, please see Outlook 2007 feature matrix based on Exchange Server version. For domain-joined clients, Outlook is able to find the Autodiscover service using a service connection
Autodiscover Certificate Error Office 365
point (SCP). The SCP is an Active Directory entry specific to each client access server. When Outlook 2007 is able to securely connect to the domain and read this entry from Active Directory, it can connect directly to this URL. Once connected to the Autodiscover end-point, the Autodiscover service provides the client with the URLs of the other exchange web services. For non-domain-joined clients or clients that are not able to directly access the domain, Outlook is hard-coded to find the Autodiscover end-point by looking up either https://company.com/Autodiscover/Autodiscover.xml or https://Autodiscover.company.com/Autodiscover/Autodiscover.xml (where company.com is the portion of the user's SMTP e-mail address following the @ sign). This means that to service clients in this scenario we must provide connectivity to one of these URLs. On the surface this should not be hard; but this connection is made over SSL and requires a valid certificate. SSL and Certificates The communication to the Autodiscover end-point and subsequent communications to the services all occur over SSL. This requires that
(Русский)ישראל (עברית)المملكة العربية السعودية (العربية)ไทย (ไทย)대한민국 (한국어)中华人民共和国 (中文)台灣 (中文)日本 (日本語) HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs Ask a question Quick access Forums home Browse forums users FAQ Search related threads Remove From My Forums Answered by: Outlook 2007 Autodiscover Certificate Errors, and Exchange is Configured Correctly Windows Small Business Server > Small Business
The Name On The Security Certificate Is Invalid Or Does Not Match The Name Of The Site Outlook 2010
Server Question 0 Sign in to vote Hello all, I had to outlook 2007 security certificate cannot be verified scratch my head a couple times before I found the solution to theissue. This occured at two of our clients, and outlook 2007 ssl certificate error can easily happen to anyone else. I hope this helps. We had a client who was running Outlook 2003 and 2007, based upon the age of the computer and the necessity ofOutlook.Out https://blogs.technet.microsoft.com/exchange/2007/04/30/exchange-2007-autodiscover-and-certificates/ of the blue all the computers with Outllook 2007started throwing the infamous autodiscover certificate validation error like the one below: I confirmed Exchange (2007) was configured for the internal autodiscover url properly - Open Exchange 2007 Management Shell and type "Get-AutoDiscoverVirtualDirectory". It was set to mail.domain.com. I also confirmed internal DNS was not a problem. I then realized both of these clients use a different company https://social.technet.microsoft.com/Forums/en-US/b74c1a03-43c3-4966-844e-bac69fe68028/outlook-2007-autodiscover-certificate-errors-and-exchange-is-configured-correctly?forum=smallbusinessserver to host their DNS. I consulted with these people and both had created a default DNS record, for *.domain.com. The problem with this is Outlook 2007 tries to connect to autodiscover regardless of if it exists, and even though the computer is on the domain and local to the server. Removing this default A record resolved the issue for both clients. Remarkably, neither clients's DNS had an autodiscover SRV record created, so I requested them to set this up as well: _autodiscover._tcp.domain.com 0 0 443 mail.domain.com This enabled autodiscover to work with our current and only certificate pointed to mail.domain.com, thus enabling autodiscover for all ActiveSync enabled devices. As a side note, one of these clients uses a Mac running OSX Lion. The built-in Apple Mail client will not connect to Exchange unless autodiscover was working properly. (Or at least that is what I had experienced.) I hope this helps someone else! Jon Edited by JonCaum Friday, December 16, 2011 5:58 PM Friday, December 16, 2011 5:55 PM Reply | Quote Answers 0 Sign in to vote Hi, Towards the Autodiscover certificate issue, Microsoft recommends that you provide all the necessary DNS names in the same certificate
Advertisement GFI MailEssentials helps system admins block spam and protect networks from email-borne threats. This is the only anti-spam solution which uses up-to five different antivirus engines. Get your FREE trial http://www.msexchange.org/articles-tutorials/exchange-server-2010/management-administration/exchange-autodiscover.html now! Close X Email security and anti-spam software (on premise) Powerful and effective business spam filtering Blocks email-borne viruses and other malware Granular, user-based email content policy enforcement Your FREE trial awaits: Download a 30 day, fully functional, free trial which also includes GFI technical support. No credit card required We would like to welcome our new esteemed author Jaap Wesselius to our team of certificate error authors as he presents his first article to MSExchange.org readers! In this article, we will take a deep dive into the Autodiscover feature in Exchange 2007/2010. If you would like to read the next part in this article series please go to Exchange Autodiscover (Part 2). Introduction When Microsoft released Exchange Server 2007, one of the new features it included was Autodiscover. Autodiscover allows you to autodiscover certificate error automatically configure Outlook 2007 clients, but, there is a lot more behind the Autodiscover functionality. When you have issues with the Out-of-Office or Free/Busy information in Outlook 2007 in combination with Exchange Server 2007 (or Outlook 2010 and Exchange Server 2010) it is likely that it is caused by a misconfiguration in the Autodiscover configuration. To make things more complex, the SSL certificates are involved here as well. Note:The Autodiscover process for Exchange 2007 and Outlook 2007 is practically the same as for Exchange 2010 and Outlook 2010. In this article I will use Exchange 2010 and Outlook 2010. Autodiscover information is stored in a so called SCP or Service Connection Point. You can view this SCP using Active Directory Sites and Services after you have enabled the “View Services Node” option: Figure 1: The Service Connection Point of the Client Access Server in Active Directory When installing the Client Access Server (Autodiscover is part of this Server Role) the SCP is automatically created in Active Directory and configured with the default values. If you have multiple CAS Servers there will be multiple SCP’s as well. When Outlook 2007 is installed on a domain joined w