Alasdairb
asked on
Exchange 2013 autodiscover and SSL cert
Hello
I have just set up my first Exchange 2013 server. It works fine for the internal users on the domain. Now I want to allow access for some external non-domain colleagues. This is what I have done so far, following what I can find on the Internet.
Enabled Split-DNS (http://exchange.sembee.info/network/split-dns.asp)
Set the internal and external URLs of the following directories to https://remote.mydomain.com/whatever ... ECP, EWS, ActiveSync, OAB, OWA, Powershell
(http://www.mustbegeek.com/configure-external-and-internal-url-in-exchange-2013/)
From the same article I modified the internal and external URL of Outlook Anywhere by going to ECP, Servers, Servers, Outlook Anywhere tab.
Finally I ran the following powershell command to change the Autodiscover URL
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceIntern
At this point I have not created or applied for a third party SSL certificate. This is my next step but I am trying to test first. But at the moment if I try to set up an account from an external PC, I get a warning about the SSL cert, I click Continue and get the error in the attached file.
Is my problem caused because I have not got a proper certificate or haOutlookAnywhere-error.rtfve I done something wrong / missed something in my config so far?
When I apply for the certificate do I need to have remote.mydomain.com AND autodiscover.mydomain.com as a SAN? Or just remote.mydomain.com?
Thanks very much in advance.
Alasdair
I have just set up my first Exchange 2013 server. It works fine for the internal users on the domain. Now I want to allow access for some external non-domain colleagues. This is what I have done so far, following what I can find on the Internet.
Enabled Split-DNS (http://exchange.sembee.info/network/split-dns.asp)
Set the internal and external URLs of the following directories to https://remote.mydomain.com/whatever ... ECP, EWS, ActiveSync, OAB, OWA, Powershell
(http://www.mustbegeek.com/configure-external-and-internal-url-in-exchange-2013/)
From the same article I modified the internal and external URL of Outlook Anywhere by going to ECP, Servers, Servers, Outlook Anywhere tab.
Finally I ran the following powershell command to change the Autodiscover URL
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceIntern
At this point I have not created or applied for a third party SSL certificate. This is my next step but I am trying to test first. But at the moment if I try to set up an account from an external PC, I get a warning about the SSL cert, I click Continue and get the error in the attached file.
Is my problem caused because I have not got a proper certificate or haOutlookAnywhere-error.rtfve I done something wrong / missed something in my config so far?
When I apply for the certificate do I need to have remote.mydomain.com AND autodiscover.mydomain.com as a SAN? Or just remote.mydomain.com?
Thanks very much in advance.
Alasdair
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Happy to have helped.
ASKER
Thanks for the reply. I applied for a digicert certificate with both URLs and got it approved and the cert mailed back within ten minutes, and yes, all works fine now.
Thanks again.
Alasdair