Do not use on any
shared computer
September 5, 2008 09:58pm pdt
 
[x]
Attachment Details

Outlook cannot connect to Exchange server using RPC over HTTPs

Zones: SBS Small Business Server, Exchange Email Server, Windows 2003 Server
Tags: Microsoft, SBS, 2003 R2 Standard, RPC over HTTP / SSL / Outlook 2007, ... problem with the proxy server's security certificate ...  security certificate is invalid or does not match the name of the target site ... unable to connect to the proxy server ... Error Code 0
Using SBS 2003 R2.

Followed all the standard wizards.

Installed SSL certificate from godaddy.

IE accepts certificate on OWA

When run Outlook 2007 comes up with the error (as http://support.microsoft.com/kb/923575) :

Microsoft Office Outlook
There is a problem with the proxy server's security certificate.
The name on the certificate is invalid or does not match the name of the target site xx.domain.tld
Outlook is unable to connect to the Proxy Server. (Error Code 0)

If I click OK it simply continues to ask for the username and password which I'm entering as DOMAIN\username. It won't 'fail authentication' it just keeps asking for it.

The installation of Outlook here has been setup against other Exchange servers and seems fine. However I did try and use another machine with Exchange 2007 installed and it does the same as above, but without the initial "outlook is unable to connect to the proxy server" error.

I've tried re-keying/installing the godaddy certificate
I've tried a free Comodo certificate
I've tried the certificate that SBS installs as standard (and installed it on the client machine)
I've tried uninstalling and re-installing PRC over HTTP on the server
Tried re-running the "connect to the internet" wizard
Followed the instructions at http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm
Have run the file that modifys the registry entries at http://www.petri.co.il/software/rpcnofrontend.zip

Any help greatly appreciated.
Start your free trial to view this solution
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
9.1
Question Stats
Zone: OS
Question Asked By: delinek
Solution Provided By: otter77
Participating Experts: 3
Solution Grade: A
Views: 354
Translate:
Loading Advertisement...
 
[+][-]Expert Comment by otter77
Expert Comment by otter77:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
[+][-]Author Comment by delinek
Author Comment by delinek:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
[+][-]Expert Comment by otter77
Expert Comment by otter77:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
[+][-]Accepted Solution by otter77
Accepted Solution by otter77:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
[+][-]Author Comment by delinek
Author Comment by delinek:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
[+][-]Expert Comment by otter77
Expert Comment by otter77:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
Loading Advertisement...
Open Discussion
Open Discussion
 
Comment by logicalstepcomp
You could also use your static ip Address as the certificate
this works well or a tzo name
extra info on http://www.logicalstep.com.au/SBS-2003-installation-tips.htm
 
 
Comment by ismog_tech
I got some minor issues with GoDaddy certificates, try this one saved my life in a couple occasions

P.S. This is directly from GoDaddy Support and is related to problem with the certification authority chaining.

Dear Secured Certificate Customer,

Thank you for contacting us.

The issue you have is caused by either the presence of a GoDaddy root certificate in your trusted root certificate store located on your server, or a mis-installation of the intermediate certificates.

You need to do the following.

Go to Start...then Run, and type in MMC.

Once the MMC Console root is open, hit ctrl + m. This will bring up the Add/Remove Snap-In dialog box.

Select "Add"

In the Add Standalone Snap-in dialog box, choose "Certificates"; then click the "Add" button.

In the Certificates snap-in box it is very important you choose "Computer account," hit "Next," and then "Local computer."

Finish out of the standalone boxes and view the Console Root window. You should now see a Console Root folder, with a Certificates folder under it, and a list of folders under the Certificates icon/folder.

Open the "Trusted Root Certification Authorities" folder and then go to the "Certificates" sub folder and open it.

Seach the alphabetical listing for a GoDaddy Class 2 root certificate.

a) Right click the Go Daddy certificate
b) Select "Properties"
c) Select the radio button for "Disable all purposes for this certificate"
d) Click Ok

Then, in the Console Root window, expand on the Intermediate Certification Authorities folder and open the Certificates folder.

Find any GoDadddy certificates listed there and remove them.

Browse to https://certificates.godaddy.com/Repository.go

Download the following files:

gd_cross_intermediate.crt
gd_intermediate.crt

Then right click on the root or top level folder for the Intermediate Certification Authorities folder, choose All Tasks, and the Import option.

It is imperitive you install these files in the following order.

Browse to the gd_cross_intermediate.crt file and choose it.

Place it in the Intermediate Certification Authorities.

After completing the cross intermediate, do the same process, but this time for the intermediate certificate.

Next go to the "Personal" folder and open the Certificates folder.

If you have any expired or unused certificates in this folder, especially for the same domain you are working on, remove them.

Also, open the IE browser on your server and go to Tools/Internet Options/Content and click on the "Certificates" button and check the Trusted Root folder in it. Search for a GoDaddy Class 2 trusted root. If there is a GoDaddy listed, remove it.

Stop and Start IIS.
 
 
20080723-EE-VQP-34 / EE_QW_2_20070628