Exchange 2010 Outlook Ssl Certificate Error
Contents |
360 games PC games exchange 2010 ssl certificate warning outlook Windows games Windows phone games Entertainment All Entertainment outlook certificate error exchange 2010 name does not match Movies & TV Music Business & Education Business Students & educators exchange 2010 certificate error when opening outlook Developers Sale Sale Find a store Gift cards Products Software & services Windows Office Free downloads & security Internet
Exchange 2010 Ssl Certificate Name Mismatch
Explorer Microsoft Edge Skype OneNote OneDrive Microsoft Health MSN Bing Microsoft Groove Microsoft Movies & TV Devices & Xbox All Microsoft devices Microsoft Surface All Windows PCs & tablets PC accessories Xbox & games Microsoft Lumia All exchange 2010 ssl certificate expired Windows phones Microsoft HoloLens For business Cloud Platform Microsoft Azure Microsoft Dynamics Windows for business Office for business Skype for business Surface for business Enterprise solutions Small business solutions Find a solutions provider Volume Licensing For developers & IT pros Develop Windows apps Microsoft Azure MSDN TechNet Visual Studio For students & educators Office for students OneNote in classroom Shop PCs & tablets perfect for students Microsoft in Education Support Sign in Cart Cart Javascript is disabled Please enable javascript and refresh the page Cookies are disabled Please enable cookies and refresh the page CV: {{ getCv() }} English (United States) Terms of use Privacy & cookies Trademarks © 2016 Microsoft
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn exchange 2010 ssl certificate autodiscover more about Stack Overflow the company Business Learn more about hiring developers or
Exchange 2010 Ssl Certificate Request
posting ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer
Exchange 2010 Ssl Certificate Multiple Domains
site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and https://support.microsoft.com/en-us/kb/2783881 rise to the top Eliminate certificate warning when users access Outlook/Exchange 2010 on split domain setup up vote 2 down vote favorite I have an internally-hosted Exchange 2010 Server with an internal domain, EXCHANGE0.COMPANY.COM. I have configured all users to access Outlook (even internally) using Outlook-over-HTTP. To do so I have set up a client access certificate for the externally-facing domain mail.company.com. The problem is that whenever users open http://serverfault.com/questions/341665/eliminate-certificate-warning-when-users-access-outlook-exchange-2010-on-split-d Outlook they are promptly greeted by certificate warnings of the mismatch between mail.company.com and EXCHANGE0.COMPANY.COM. I would like to eliminate these warnings and I feel there is a way to do so either through DNS or through Exchange. I am just not sure what to do. AutoDiscover is configured using the SRV method if that matters at all. EDIT: Configuration on clients looks as follows Exchange Server: EXCHANGE0.COMPANY.COM Connect using Outlook Anywhere (HTTP): on fast and slow connections, connect to mail.company.com and only trust msstd:mail.company.com Name on certificate is mail.company.com, but Outlook was expecting EXCHANGE0.COMPANY.COM domain-name-system active-directory exchange exchange-2010 share|improve this question edited Dec 16 '11 at 16:36 asked Dec 16 '11 at 16:27 tacos_tacos_tacos 1,43653976 Can you clarify what the configuration looks like? Are the outlook clients configured to point to mail.company.com or exchange0.company.com? And what name is on the certificate? –Shane Madden♦ Dec 16 '11 at 16:35 This info has been added in the edit –tacos_tacos_tacos Dec 16 '11 at 16:37 Is it issued from an internal certificate authority where you could easily issue a new certificate with a subject alternate name? If not, then you may need to look at using a different IP address with
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring http://serverfault.com/questions/618309/exchange-2010-certificate-error-on-internal-outlook-2013-connections developers or posting ads with us Server Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top Exchange 2010 - Certificate error on internal Outlook 2013 connections up vote 0 down vote favorite I have an exchange 2010 Exchange 2010 and Outlook 2003. The exchange server has a wildcard SSL certificate installed *.domain.com, (for use with autodiscover.domain.com and mail.domain.com). The local fqdn of the Exchange server is exch.domain.local. With this configuration there is no problem. Now I started upgrading all Outlook 2003 to Outlook 2013, and I start to get consistently a certificate error in Outlook : The Name on the security certificate is invalid or does not match the name of the site I understand why I exchange 2010 ssl get that error: Outlook 2013 is connecting to exch.domain.local while the certificate is for *.domain.com. I was ready to buy a SAN (Subject Alternate Names) Certificate, that contains the three domains exch.domain.local, mail.domain.com, autodiscover.domain.com. But there is a hindrance: the certificate provider (in my case Godaddy) requires that the domain is validated as being our property. Now it is not possible for an internal domain that is not accessible from the internet. So this turns out not to be an option. Create self-signed SAN certificate with an Enterprise CA is an other option that is barely viable: There would be certificate error with every access to webmail, and I had to install the certificate on all Outlook clients. What is a recommended viable solution ? Is it possible to disable certificate checking in Outlook ? Or how could I change the Exchange server configuration so that the public domain name is used for all connections ? How to change the main FQDN of the Exchange server, as suggested in the answer, without the need of reinstalling the server ? Or is there another solution I'm not thinking of ? Any advice is welcome. exchange-2010 ssl-certificate outlook-2013 share|improve this question edited Aug 20 '14 at 7:44 asked Aug 6 '14 at 6:56 Lorenz Meyer 2982420 Why are you using .local at all? –Joe Sniderman Aug 6 '14 at 8:47 @JoeSniderman Because our AD domain is sbgmb.lo