slsmith
asked on
Error Validating the certificate name. Certificate name validation failed.
I am having trouble with autodiscover and started troubleshooting here with the ExRCA tool. The results are below. My specific question regarding these results is that it fails near the end when it says Host name domain.com doesn't match any name found on the server certificate. I am not sure where it is pulling this non-fqdn from. The error is true in that nowhere in my SAN certificate does it show only "domain.com".
Thanks,
SLSmith
ExRCA is testing Exchange ActiveSync.
Exchange ActiveSync was tested successfully.
Test Steps
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Autodiscover was successfully tested for Exchange ActiveSync.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service was tested successfully.
Test Steps
Attempting to test potential Autodiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name domain.com in DNS.
The host name resolved successfully.
Additional Details
Testing TCP port 443 on host domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server domain.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Validating the certificate name.
Certificate name validation failed.
Tell me more about this issue and how to resolve it
Additional Details
Host name domain.com doesn't match any name found on the server certificate CN=mail.domain.com, OU=Domain Control Validated - QuickSSL(R) Premium, OU=See www.geotrust.com/resources/, O=mail.domain.com, C=US, SERIALNUMBER=
Thanks,
SLSmith
ExRCA is testing Exchange ActiveSync.
Exchange ActiveSync was tested successfully.
Test Steps
Attempting the Autodiscover and Exchange ActiveSync test (if requested).
Autodiscover was successfully tested for Exchange ActiveSync.
Test Steps
Attempting each method of contacting the Autodiscover service.
The Autodiscover service was tested successfully.
Test Steps
Attempting to test potential Autodiscover URL https://domain.com/AutoDiscover/AutoDiscover.xml
Testing of this potential Autodiscover URL failed.
Test Steps
Attempting to resolve the host name domain.com in DNS.
The host name resolved successfully.
Additional Details
Testing TCP port 443 on host domain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server domain.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Validating the certificate name.
Certificate name validation failed.
Tell me more about this issue and how to resolve it
Additional Details
Host name domain.com doesn't match any name found on the server certificate CN=mail.domain.com, OU=Domain Control Validated - QuickSSL(R) Premium, OU=See www.geotrust.com/resources/, O=mail.domain.com, C=US, SERIALNUMBER=
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
And this...
[PS] C:\Windows\system32>get-we bservicesv irtualdire ctory | FL ExternalURL
Creating a new session for implicit remoting of "Get-WebServicesVirtualDir ectory" command...
ExternalUrl : https://mail.domain.com/EWS/Exchange.asmx
Should this just be https://mail.domain.com??
[PS] C:\Windows\system32>get-we
Creating a new session for implicit remoting of "Get-WebServicesVirtualDir
ExternalUrl : https://mail.domain.com/EWS/Exchange.asmx
Should this just be https://mail.domain.com??
Try to test it externally using: https://testexchangeconectivity.com
This information is in the link that Sulimanw posted.
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceIntern alUri https://mail.domain.com/autodiscover/a utodiscove r.xml
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceIntern
ASKER
This is the existing entry...
AutoDiscoverServiceInterna lUri : https://autodiscover.domain.com/autodiscover/autodiscover.xml
"autodiscover" and "mail" point to the same CAS
Thanks for your continued assistance.
AutoDiscoverServiceInterna
"autodiscover" and "mail" point to the same CAS
Thanks for your continued assistance.
ASKER
How does the test tool, ExRCA, even know what my server name is when testing autodiscover? It does say that it is testing a "potential autodiscover url" I only supplied the account credentials to the tool, not my mail server name? Is it just dropping the server name? Does everyone have this problem?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I receive the following results when running this test...
[PS] C:\Windows\system32>Test-O
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1019
Type : Information
Message : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://autodiscover.domain.com/autodiscover/autodiscover.xml.
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1006
Type : Information
Message : Contacted the Autodiscover service at https://autodiscover.domain.com/autodiscover/autodiscover.xml.
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1016
Type : Information
Message : [EXCH] The AS service is configured for this user in the Autodiscover response received from https://autod
iscover.domain.com/autodis
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1015
Type : Information
Message : [EXCH] The OAB service is configured for this user in the Autodiscover response received from https://autodiscover.domain.com/autodiscover/autodiscover.xml.
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1014
Type : Information
Message : [EXCH] The UM service is configured for this user in the Autodiscover response received from https://autodiscover.domain.com/autodiscover/autodiscover.xml.
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1016
Type : Information
Message : [EXPR] The AS service is configured for this user in the Autodiscover response received from https://autodiscover.domain.com/autodiscover/autodiscover.xml.
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1015
Type : Information
Message : [EXPR] The OAB service is configured for this user in the Autodiscover response received from https://autodiscover.domain.com/autodiscover/autodiscover.xml.
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1014
Type : Information
Message : [EXPR] The UM service is configured for this user in the Autodiscover response received from https://autodiscover.domain.com/autodiscover/autodiscover.xml.
RunspaceId : c58be9d7-d478-4dab-bfcc-61
Id : 1022
Type : Success
Message : Autodiscover was tested successfully.