+ Post New Thread
Results 1 to 3 of 3
Windows Server 2008 R2 Thread, Exchange Certificates in Technical; Hi guys and girls, I'm having an issue with I'm exchange certificates internally, when someone on the PC's opens Outlook ...
  1. #1
    cpjitservices's Avatar
    Join Date
    Jul 2010
    Location
    Hessle
    Posts
    2,525
    Thank Post
    522
    Thanked 293 Times in 269 Posts
    Rep Power
    83

    Exchange Certificates

    Hi guys and girls,

    I'm having an issue with I'm exchange certificates internally, when someone on the PC's opens Outlook they get the pop-up asking if they want to accept the certificate the only reason it's popping up is because the certificate is apparently not trusted!

    How do I go about trusting certificates, I have set certs for IMAP,SMTP,POP and Federation!

    Exchange 2010 SP1 and Outlook 2010.

    Thanks

  2. #2
    DT2
    DT2 is offline
    DT2's Avatar
    Join Date
    May 2011
    Location
    Lakeville, Carleton County, New Brunswick
    Posts
    695
    Thank Post
    140
    Thanked 197 Times in 138 Posts
    Rep Power
    74
    I guess the cert relates to the external address of the server, and clients use it internally too?
    If this is the case then create a new DNS zone, (same as your external domain) and add in an mx for your mail server, change the clients to look for the "external" server address (it will reference this on the new dns zone) and voila!
    Resolved an similar issue I had with 2007 a while back.

    DT

  3. #3

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,239
    Thank Post
    882
    Thanked 2,742 Times in 2,316 Posts
    Blog Entries
    11
    Rep Power
    784
    Open up webmail which uses the same cert on a machine and when it wines about the cert install it. Then from the certificates snapin in mmc export it from the personal store to a file. You can then import this into a group policy under the windows settings > security > PKI (public key infrastructure) which will then deploy it to all of the stations covered under that GP.

    Also make sure that the name is the same internally as it is on the cert as outlined in the post above.

    If you have Exchange 2007 or 2010 and don't have a SAN (Cert with multiple names) then you will also need to change the autodiscovery URLs to all use the name covered by the SSL cert. Exchange 2010 & Single Name SSL Certificates | Cohesive Logic - The Microsoft Infrastructure Experts

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 15
    Last Post: 11th January 2011, 09:32 AM
  2. exchange 2007 certificates
    By caffrey in forum Windows Server 2008 R2
    Replies: 20
    Last Post: 14th December 2010, 09:06 AM
  3. in a muddle with exchange 2010 sp1 (owa and certificates)
    By sacrej in forum Windows Server 2008 R2
    Replies: 5
    Last Post: 13th October 2010, 09:26 AM
  4. SSL Certificates for Exchange 2007
    By jdibsdale in forum Windows
    Replies: 14
    Last Post: 29th May 2009, 06:40 PM
  5. Exchange Server
    By woody in forum Windows
    Replies: 16
    Last Post: 21st August 2005, 05:52 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •