Outlook 2010 Certificate Error With Exchange 2007
Contents |
Neal (Exclaimer) Sales & Marketing Manager GROUP SPONSORED BY EXCLAIMER TECHNOLOGY IN THIS DISCUSSION Join the Community! Creating your account only takes a few outlook 2007 security certificate cannot be verified minutes. Join Now Hi All, I need your help. Just started the name on the security certificate is invalid or does not match the name of the site outlook 2010 in a new job and the one of the first things they want me to look at is SSL outlook 2007 certificate warning disable Certificates Outlook issue. Let me explain: Client: Outlook 2010 Exchange: 2007 Every time all users open their outlook they get a certificate warning. (see attachment, sorry but i concealed the server
The Name On The Security Certificate Is Invalid Or Does Not Match The Name Of The Site - Part 1
name for security purposes). but the error is basically saying that the certificate doesn't match the name. This is true, the certificate points to my IIS Server that hosts a website. I don't have a private Certificate Authority currently installed anywhere on my domain. OWA works fine with no errors. I was reading other spiceworks articles saying to associate the Certificate with SMTP, but there was no the name on the security certificate is invalid exchange 2010 internal instructions or guide how to even start. Any one else know? In the mean time I'm guessing I need to install a enterprise root CA on the Exchange server which is also my AD (because i have single forest with a single domain), create a certificate for it and install in the trusted root domain to push to the clients. am i wrong? any thoughts anyone? Appreciate all your help as usual Spiceworks Army! Reply Subscribe RELATED TOPICS: 578:0x000004DC:0x0000001D Send-As permission with Outlook 2010 Exchange 2007 Out of Office not updating changes Outlook 2010/Exchange 2007 Outlook 2010/Exchange 2007 locking up for 20-30 seconds at a time   22 Replies Mace OP hutchingsp Apr 19, 2012 at 11:41 UTC Are the following all pointing to URLs that are included in your SSL certificate? Set-ActiveSyncVirtualDirectory -InternalURL Set-AutodiscoverVirtualDirectory -InternalURL Set-ClientAccessServer -AutodiscoverServiceInternalUri Set-ECPVirtualDirectory -InternalURL Set-OABVirtualDirectory -InternalURL Set-OWAVirtualDirectory -InternalURL Set-WebservicesVirtualDirectory -InternalURL 0 Datil OP Gearhead89 Apr 19, 2012 at 3:19 UTC hutchingsp wrote: Are the following all pointing to URLs that are included in your SSL certificate? Set-ActiveSyncVirtualDirectory -InternalURL Set-AutodiscoverVirtualDirectory -InternalURL Set-ClientAccessServer -AutodiscoverServiceInternalUri Set-ECPVirtualDire
encounter a certificate error in Outlook 2007/2010. I have included a screenshot of the error I encountered with Outlook 2007 : When you choose the View Certificate button, internet security warning outlook 2007 fix it brings up another window that shows you what certificate is in
The Name On The Security Certificate Is Invalid Or Does Not Match The Name Of The Site Exchange 2013
error. In this case, the certificate name is "mail.shudnow.net." So the million dollar question? Why the error? Well,
Certificate Error In Outlook 2007
when we install a new certificate, there are a few tasks we want to do. Obviously, we install the certificate for a purpose. This purpose is till allow us to https://community.spiceworks.com/topic/217805-ssl-certificates-error-outlook-2010-exchange-2007 use Exchange services securely. So how do we enable Exchange to use these services? If you are planning to do a very simple configuration and do not care about external Autodiscover access, you do not need to use a Unified Communication Certificate. You can read more about these certificates in one of my other articles here. So let's say http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/ we have a simple regular common certificate. A certificate with a Common Name (CN) of mail.shudnow.net We install this certificate onto our Exchange box with its' private key. In our case we were migrating so we did not have to request a certificate via IIS. We just exported it with its' private key and imported onto the new box. We then assigned this certificate to IIS. Now I went to the Exchange Management Shell and enabled Exchange services to use this certificate. In order to do this, you must run the following commands: Get-ExchangeCertificate Thumbprint Services Subject ------- ----- ----- BCF9F2C3D245E2588AB5895C37D8D914503D162E9 SIP.W CN=mail.shudnow.net.com What I did was go ahead and enable all new services to use every available service by using the following command: Enable-exchangecertificate -services IMAP, POP, UM, IIS, SMTP -Thumbprint BCF9F2C3D245E2588AB5895C37D8D914503D162E9 The next step would be to ensure the AutodiscoverInternalURI is pointed to the CAS that will be your primary CAS for Autodiscover servicing. Get-ClientAccessServer -Identity CASServer | FL AutoDiscoverServiceInternalUri : https://casnetbiosname/Autodiscover/Autodiscover.xml See the issue here? We are not using a UC certificate that c
Errors which applies to Outlook 2007, Outlook 2010, and Outlook 2013. You can see that post here. That blog http://www.shudnow.net/2013/07/26/outlook-certificate-error-and-autodiscover-domain-com-not-working/ post describes an incorrect certificate on Exchange itself. For example, you make a connection to Exchange and your InternalURLs, ExternalURLs, and AutodiscoverServiceInternalURI FQDN is not defined on the certificate. Therefore, you must update the InternalURLs, ExternalURLs, and AutodiscoverServiceInternalURI to match the certificate FQDN. This specific issue is a bit different. security certificate This issue is that when you are trying to make a connection to Autodiscover via https://autodiscover.domain.com, the Outlook client does not successfully make a connection to it and you get a certificate error. The certificate you see pop up in Outlook during the error isn't even the certificate that is located the name on on Exchange. The certificate error that pops up shows you that it is finding the certificate on your company's public website. So the million dollar question? Why the error and why is it showing the company's public website's certificate. Well first, let's explore a little on the steps External Autodiscover goes through in order to find Exchange. Internal Autodiscover and the Service Connection Point The Autodiscover service is a mechanism that can do several things. Automatic Mailbox Creation Redirects Outlook 2007/2010/2013 clients to point to the correct server in which their mailbox is located Provides URLs to Web Services for Outlook 2007/2010/2013 When you first launch your Outlook client (Outlook 2007 or above required for Autodiscover access), it will search Active Directory for a Service Connection Point (SCP) record. Every time a CAS Server is installed, it will register this SCP record within Active Directory in the following location: CN=Autodiscover,CN=Protocols,CN=