Outlook Ssl Error Exchange 2010
Contents |
(עברית)المملكة العربية السعودية (العربية)ไทย (ไทย)대한민국 (한국어)中华人民共和国 (中文)台灣 (中文)日本 (日本語) HomeOnline20132010Other VersionsLibraryForumsGalleryEHLO Blog Ask a question Quick access Forums home Browse forums users FAQ Search related threads Remove From My Forums Answered by: Outlook 2010 Certificate Alert when connecting to Exchange 2010 Server outlook certificate error exchange 2010 name does not match Previous Versions of Exchange > Exchange Server 2010 Question 0 Sign in
Outlook 2010 Certificate Error Exchange 2013
to vote Hi, I am receiving the below security alert when launching a domain joined Outlook 2010 client;
Outlook Security Alert Certificate Keeps Popping Up
The security certificate was issued by a company you have not chosen to trust This is a self-signed certificate on the CAS server role which is separate to the Hub
Outlook 2010 Certificate Warning
and Mailbox. Unless something is completely screwed, Outlook 2007 against Exchange 2007 had no issues with domain joined machines and self-signed certificates. The following KB article explains the same issuehttp://support.microsoft.com/default.aspx/kb/2006728 but this is a native Exchange 2010 environment with no previous versions of CAS roles. Any help appreciated. Cheers Monday, January 04, 2010 11:33 AM Reply | Quote Answers 2 outlook 2010 certificate error when sending email Sign in to vote Hi, Yes, when internal user try to use outlook to connect exchange Server, outlook will try to find the e-mail address and exchange server name from AD. After that it will look for SCP and then find the correct the autodiscover server to connect, retrieve settings. So during the process of connecting to exchange server, it will have to use autodiscover to connect and retrieve user settings. So certificate regard to autodiscover will cause the issue. I’d like to share the process of how internal outlook user connect to exchange server. 1. Automatically retrieve e-mail address from Active Directory if domain joined machine. 2. Retrieve Exchange Server name if found and store for later. 3. Look for SCP objects or SCP pointer objects that correspond to user’s e-mail address, and find the correct Autodiscover server to connect to; then connect and retrieve settings. 4. If previous step fails, attempt DNS discovery of Autodiscover XML (allowing for 10 redirects). a. HTTPS POST: https://DOMAIN/autodiscover/autodiscover.xml b. HTTPS POST: https://autodiscover.DOMAIN/autodiscover/autodiscover.xml c. HTTP GET: http://autodiscover.
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company outlook 2013 certificate error Business Learn more about hiring developers or posting ads with us Server Fault Questions Tags outlook 2013 certificate error internal server name Users Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. Join them; it only outlook 2010 autodiscover certificate error takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top Eliminate certificate warning when users access Outlook/Exchange 2010 on https://social.technet.microsoft.com/Forums/exchange/en-US/6d000de1-4549-4135-946a-4c5abeac4859/outlook-2010-certificate-alert-when-connecting-to-exchange-2010-server?forum=exchange2010 split domain setup up vote 2 down vote favorite I have an internally-hosted Exchange 2010 Server with an internal domain, EXCHANGE0.COMPANY.COM. I have configured all users to access Outlook (even internally) using Outlook-over-HTTP. To do so I have set up a client access certificate for the externally-facing domain mail.company.com. The problem is that whenever users open Outlook they are promptly greeted by certificate warnings of the mismatch between mail.company.com and EXCHANGE0.COMPANY.COM. I would like to http://serverfault.com/questions/341665/eliminate-certificate-warning-when-users-access-outlook-exchange-2010-on-split-d eliminate these warnings and I feel there is a way to do so either through DNS or through Exchange. I am just not sure what to do. AutoDiscover is configured using the SRV method if that matters at all. EDIT: Configuration on clients looks as follows Exchange Server: EXCHANGE0.COMPANY.COM Connect using Outlook Anywhere (HTTP): on fast and slow connections, connect to mail.company.com and only trust msstd:mail.company.com Name on certificate is mail.company.com, but Outlook was expecting EXCHANGE0.COMPANY.COM domain-name-system active-directory exchange exchange-2010 share|improve this question edited Dec 16 '11 at 16:36 asked Dec 16 '11 at 16:27 tacos_tacos_tacos 1,44153976 Can you clarify what the configuration looks like? Are the outlook clients configured to point to mail.company.com or exchange0.company.com? And what name is on the certificate? –Shane Madden♦ Dec 16 '11 at 16:35 This info has been added in the edit –tacos_tacos_tacos Dec 16 '11 at 16:37 Is it issued from an internal certificate authority where you could easily issue a new certificate with a subject alternate name? If not, then you may need to look at using a different IP address with an SSL listener with its own certificate - one IP for each name. –Shane Madden♦ Dec 16 '11 at 16:56 The mail.company.com certificate is issued externally. I would like to avoid purchasing an additional SSL cer
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and http://serverfault.com/questions/690331/outlook-ssl-error-after-new-certificate-installation policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask certificate error a question Anybody can answer The best answers are voted up and rise to the top Outlook SSL Error after New Certificate Installation up vote 1 down vote favorite 1 Recently replaced the SSL cert on our Exchange 2010 box with a new wildcard cert. Assigned services, reconfigured all URL's for external and internal access to be identical (previous cert was a outlook 2010 certificate SAN cert with .local domain names and since they are no longer available we are having to change this), setup split DNS so internal and external clients all use the same DNS name for access. Everything works as expected, with the exception of Outlook clients receiving a mismatch certificate error... it appears the server is presenting the server.domain.local FQDN to the client and with the SSL being *.domain.com it doesn't match... I have followed all guides/articles I found ensuring that all URL's are setup properly and all point to the same external DNS name. Autodiscover internally also works and passes (we do not have it setup to autodiscover externally but Outlook anywhere does function as it should when manually configured, this has been tested) What has me perplexed with this issue is that newly created profiles/accounts do not have this issue so it seems to be more of an Outlook profile issue rather than a server issue. I can open Outlook and use my previously configured profile and I get the SSL mismatch error.. If I create a new Outlook profile and setup my account withi