+ Post New Thread
Results 1 to 4 of 4
Enterprise Software Thread, Exchange 2007 Certs Problem - "The name on the Certificate is invalid......." in Technical; We have 2 certs, one purchased from from Geohost ({autodiscover.wolverley.worcs.sch.uk, webmail.wolverley.worcs.sch.uk} and a self-signed cert. {mail, mail.Wolverley.local} I've just renewed ...
  1. #1

    Join Date
    Aug 2007
    Posts
    811
    Thank Post
    98
    Thanked 64 Times in 46 Posts
    Rep Power
    25

    Exchange 2007 Certs Problem - "The name on the Certificate is invalid......."

    We have 2 certs, one purchased from from Geohost ({autodiscover.wolverley.worcs.sch.uk, webmail.wolverley.worcs.sch.uk} and a self-signed cert. {mail, mail.Wolverley.local}
    I've just renewed our self-signed SSL certificate as it had expired. I used the command "Get-ExchangeCertificate –Thumbprint “XXXXXXXXXXXXXXXXXXXXX” | New-ExchangeCertificate"
    This worked fine.....

    But now we are getting popups saying "webmail.wolverley.worcs.sch.uk - The name on the security certificate is invalid or does not match the name of the site" at school and also now when we try and access our OWA (https://webmail.wolverley.worcs.sch.uk), it appears to be using the self singed cert instead of the GeoHost cert?

    Ive run through http://support.microsoft.com/kb/940726 and this hasn't changed anything.

    Here are the results from:
    Get-ExchangeCertificate |fl
    Get-WebServicesVirtualDirectory | fl
    Get-ClientAccessServer | fl

    Can anyone please advice what I have set incorrectly??

    Code:
    AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
    CertificateDomains : {mail, mail.Wolverley.local}
    HasPrivateKey      : True
    IsSelfSigned       : True
    Issuer             : CN=mail
    NotAfter           : 15/03/2013 11:03:04
    NotBefore          : 15/03/2012 11:03:04
    PublicKeySize      : 2048
    RootCAType         : None
    SerialNumber       : 16C35989EB2BDEB14623F89348ED650D
    Services           : IIS, SMTP
    Status             : Valid
    Subject            : CN=mail
    Thumbprint         : 0437788E65A3652B83A7CD25C143A650709E2F73
    
    AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
    CertificateDomains : {autodiscover.wolverley.worcs.sch.uk, webmail.wolverley.worcs.sch.uk}
    HasPrivateKey      : True
    IsSelfSigned       : False
    Issuer             : CN=GeoTrust SSL CA, O="GeoTrust, Inc.", C=US
    NotAfter           : 06/03/2014 08:59:05
    NotBefore          : 02/02/2011 06:42:39
    PublicKeySize      : 2048
    RootCAType         : ThirdParty
    SerialNumber       : 60A4
    Services           : IMAP, POP, SMTP
    Status             : Valid
    Subject            : CN=autodiscover.wolverley.worcs.sch.uk, OU=GT94688674, O=Wolverley CofE Secondary School, L=Kidderminster, S=Worcestershire, C=GB, SERIALNUMBER=XXXXXXXXXXXXXX/
    Thumbprint         : 9E1B647EAXXXXXXXXXXXBE4546B4478A5CCB
    
    
    
    
    InternalNLBBypassUrl          : https://mail.wolverley.local/ews/exchange.asmx
    Name                          : EWS (Default Web Site)
    InternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
    ExternalAuthenticationMethods : {Basic, Ntlm, WindowsIntegrated}
    BasicAuthentication           : True
    DigestAuthentication          : False
    WindowsAuthentication         : True
    MetabasePath                  : IIS://mail.Wolverley.local/W3SVC/1/ROOT/EWS
    Path                          : D:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\EWS
    Server                        : MAIL
    InternalUrl                   : https://mail.wolverley.local/ews/exchange.asmx
    ExternalUrl                   : https://webmail.wolverley.local/EWS/Exchange.asmx
    AdminDisplayName              : 
    ExchangeVersion               : 0.1 (8.0.535.0)
    DistinguishedName             : CN=EWS (Default Web Site),CN=HTTP,CN=Protocols,CN=MAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Wolverley,CN
                                    =Microsoft Exchange,CN=Services,CN=Configuration,DC=Wolverley,DC=local
    Identity                      : MAIL\EWS (Default Web Site)
    Guid                          : 3f902766-008a-47d5-9ab1-9b426fa049b1
    ObjectCategory                : Wolverley.local/Configuration/Schema/ms-Exch-Web-Services-Virtual-Directory
    ObjectClass                   : {top, msExchVirtualDirectory, msExchWebServicesVirtualDirectory}
    WhenChanged                   : 15/03/2012 12:37:09
    WhenCreated                   : 31/07/2007 14:46:49
    OriginatingServer             : DC1.Wolverley.local
    IsValid                       : True
    
    
    
    Name                           : MAIL
    OutlookAnywhereEnabled         : True
    AutoDiscoverServiceCN          : mail
    AutoDiscoverServiceClassName   : ms-Exchange-AutoDiscover-Service
    AutoDiscoverServiceInternalUri : https://mail.wolverley.local/autodis...todiscover.xml
    AutoDiscoverServiceGuid        : 77378f46-2c66-4aa9-a6a6-3e7a48b19596
    AutoDiscoverSiteScope          : {Default-First-Site-Name}
    IsValid                        : True
    OriginatingServer              : DC1.Wolverley.local
    ExchangeVersion                : 0.1 (8.0.535.0)
    DistinguishedName              : CN=MAIL,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Wolverley,CN=Microsoft Exchange,CN=Services,CN=Configurati
                                     on,DC=Wolverley,DC=local
    Identity                       : MAIL
    Guid                           : 83fdfee1-eb98-4942-b34e-e0e103b59757
    ObjectCategory                 : Wolverley.local/Configuration/Schema/ms-Exch-Exchange-Server
    ObjectClass                    : {top, server, msExchExchangeServer}
    WhenChanged                    : 15/03/2012 11:03:49
    WhenCreated                    : 31/07/2007 14:40:33
    Last edited by burgemaster; 15th March 2012 at 02:12 PM.

  2. #2

    Join Date
    Aug 2007
    Posts
    811
    Thank Post
    98
    Thanked 64 Times in 46 Posts
    Rep Power
    25
    ok, problem 2 is sorted....
    To get OWA/Webmail to use the correct SSL, The correct SSL needs to have IIS enabled on it under services.

    Enable-ExchangeCertificate – Thumbprint “9E1B647EA0BAD8ACxxxxxxxxxxx6B4478A5CCB” –Services IIS

    This sets the IIS service to the correct SSL for OWA use, where as it was previously listed on the self cert....
    Now just the security popup....
    Last edited by burgemaster; 15th March 2012 at 05:28 PM.

  3. #3

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Can you repair the OLK profile and test and create a new one and test.
    How many CAS servers do you have?
    Have you done an IISREST?

  4. Thanks to sukh from:

    burgemaster (16th March 2012)

  5. #4

    Join Date
    Aug 2007
    Posts
    811
    Thank Post
    98
    Thanked 64 Times in 46 Posts
    Rep Power
    25
    It was as simply as an IIS reset!
    Thanks

SHARE:
+ Post New Thread

Similar Threads

  1. Exchange 2007 NDR problem
    By Simcfc73 in forum Enterprise Software
    Replies: 3
    Last Post: 9th September 2011, 03:36 PM
  2. Exchange 2007 GAL problem
    By _techie_ in forum Windows Server 2000/2003
    Replies: 3
    Last Post: 1st November 2010, 11:42 AM
  3. exchange 2007 cert problem,
    By caffrey in forum Windows Server 2008
    Replies: 2
    Last Post: 18th October 2010, 10:41 AM
  4. Exchange 2007 OWA problem
    By mcloum in forum Windows Server 2008
    Replies: 2
    Last Post: 2nd July 2010, 04:18 PM
  5. Exchange 2007 Imap problems
    By irsprint in forum Windows Server 2000/2003
    Replies: 0
    Last Post: 7th October 2009, 06:52 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •