Trying to sort out an SSL mess with our Exchange 2007 box. When I first built exchange I created a self signed cert because we don't publish email externally. which worked great until it expired a year later. To cut a long story short I have now got a certificate from IPSCA.com , and we now have OWA working correctly on SSL. However, we are still having SSL issues....
I'm not able to sync a HP ipaq with my computer via USB as it returns: The security certificate on the server is not valid. Contact your Exchange Server Administrator or ISP to install a valid certificate on the server. Support Code: 80072f0d
Out of Office will not work in Outlook 2007 only in OWA.
Autodiscover testing returns a remote certificate name mismatch.
On Exchange Best Practise Analyzer, we have a few errors:
1) Certificate has expired - The SSL certificate for https://domain.org
2) Certificate principal mismatch - The principal SSL certificate for https://domain.org does not appear to match the host address.
3) Certificate SAN mismatch - The subject alternative name (SAN) of SSL certificat for the IMAP4 service on server mailserver does not appear to match the host address. Host address: mailserver Current SAN: no alternative name.
Our certificate is for domain.local because we don't need to authenticate with domain.org as we only ever authenticate internally. Do we need to get a different certificate?
If anyone's got any suggestions they would be gratefully received!
Thanks for your post robertss, we've now got it all sorted. We did have to redo our self certified SAN certificate with the help of SSL Certificates DigiCert Digital SSL Certificate Authority and added all the necessary names to it. This didn't solve all of our problems though, we had to rebuild our offline address book, autodiscover and change the out of office URL.. but all working now!
After installing the new certificate onto the Ipaq's they are now synchronising too, what a successful day!