+ Post New Thread
Results 1 to 6 of 6
Windows Server 2008 R2 Thread, New Exchange 2010 Cert issue in Technical; I've just purchased a new cert for our exchange server (our old one was Self Signed). All internal clients connect ...
  1. #1
    jmair's Avatar
    Join Date
    Aug 2007
    Posts
    274
    Thank Post
    58
    Thanked 9 Times in 9 Posts
    Rep Power
    16

    New Exchange 2010 Cert issue

    I've just purchased a new cert for our exchange server (our old one was Self Signed). All internal clients connect to the exchange server at server.domain.int. The new cert was made for domain.org.
    Now every client machine is getting a cert error when they open up Outlook. "The name on the security certificate is invalid or does not match the name of the site."

    Oops.

    What's the fastest way to fix this issue?

  2. #2

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,048
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    This should help you out, it has appeared on here a couple of times so it might be worth doing a search on the forum also.

    Security warning when you start Outlook 2007 and then connect to a mailbox that is hosted on a server that is running Exchange Server 2007 or Exchange Server 2010: "The name of the security certificate is invalid or does not match the name of

    You basically just need to run a script in powershell to update some settings, like autodiscover etc.

    James.

  3. #3

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi

    That KB seems helpful.

    Have you tested external access. It's nice to have a SAN certificate for Exchange, helps out.

    Sukh

  4. #4
    chrisbrown's Avatar
    Join Date
    Aug 2010
    Location
    Melbourne, Australia
    Posts
    103
    Thank Post
    2
    Thanked 16 Times in 14 Posts
    Rep Power
    16
    Obtaining a SAN cert is really the way to go. It's a little more expensive but will save you lots of hassle in the long run. Put all names in that any user is likely to access your servers via. It's important that you put your external OWA URL as the primary subject name in this cert too.

  5. #5
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,133
    Thank Post
    189
    Thanked 228 Times in 194 Posts
    Rep Power
    92
    I'd recommend getting a UC cert. You can put multi domains within the cert to cover for server.internal, server.exernal.com plus autodiscover. and owa. etc
    I've used Comodo for the last could of years, really good pre and post sale support. Fairly sure they sell to the US too.

  6. #6

    Join Date
    Mar 2011
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    this is almost certainly an SAN ( subject alternative name ) issue. Make sure that you have SAN`s for all possible references to the server in your cert. For instance mail.yourdomain.com for external the servername.FQDN.com for internal referencing.
    Additional you will need autodiscover.fqdn

    As the post above mentions you will need to run the ps1 script for setting the autodiscover service url.

SHARE:
+ Post New Thread

Similar Threads

  1. Exchange 2010 iphone issue
    By MaXiM in forum Windows Server 2008
    Replies: 24
    Last Post: 7th March 2013, 07:12 PM
  2. Exchange ssl cert up for renewal.. who to use?
    By RabbieBurns in forum Internet Related/Filtering/Firewall
    Replies: 29
    Last Post: 9th March 2011, 09:54 AM
  3. [Exchange 2010] Mailbox database issue/quandry
    By leco in forum Windows Server 2008 R2
    Replies: 2
    Last Post: 15th September 2010, 04:42 PM
  4. Exchange 2010, new cert, OWA dead.
    By RabbieBurns in forum Windows Server 2008 R2
    Replies: 4
    Last Post: 30th April 2010, 03:02 PM
  5. exchange 2010 installation issue
    By RabbieBurns in forum Windows Server 2008 R2
    Replies: 15
    Last Post: 24th November 2009, 08:09 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •