derektom-hk
asked on
SSL certificate server name is incorrect - Q324345 did not help
Here's our environment:
Exchange 2003 on Windows Server 2003
Outlook clients connect via RPC over HTTPS - no problems
OWA enabled - no problems
server's internal name = exchange.bapsg.local
server's external hostname = sg.bbdoasia.com
Problem:
When trying to create our first Public Folder, in ESM, after clicking on Folders > Public Folders, we get this error and can't continue:
The SSL certificate server name is incorrect.
ID no: c103b404
Exchange System Manager
In Event Viewer > System, this error is logged:
Event ID: 36884
Source: Schannel
Type: Error
Description:
The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is EXCHANGE.bapsg.local. The SSL connection request has failed. The attached data contains the server certificate.
Q324345 had been reported as the solution in at least 1 other similar question on EE but the instructions for resolution did not help.
http://support.microsoft.com/?id=324345
Specifically, in the Exadmin virtual root in IIS, for Directory Security > Secure Communications, "Require secure channel (SSL) check box" was already cleared. Several times I also tried ticking that option, closing, reopening, and then clearing it again but that did not help.
I also understand that in order for RPC over HTTPS to work (which currently does work well), the name in the certificate must match my server's external Internet hostname, sg.bbdoasia.com, which it does now. When I view the certificate under Directory Security > Secure Communications, it states this:
Issued to: sg.bbdoasia.com
Issued by: BAP SG ROOT CA
Certificate status: This certificate is OK.
So there is apparently a conflict in what RPC over HTTPS expects as the server name in the certificate and what ESM espects when creating any Public Folder.
I also tried enabling and disabling SSL on the Esadmin virtual directory (3 or 4 times) and rebooting and that did not help either.
Any solutions?
Thanks in advance for any feedback.
Thanks,
Derek
Exchange 2003 on Windows Server 2003
Outlook clients connect via RPC over HTTPS - no problems
OWA enabled - no problems
server's internal name = exchange.bapsg.local
server's external hostname = sg.bbdoasia.com
Problem:
When trying to create our first Public Folder, in ESM, after clicking on Folders > Public Folders, we get this error and can't continue:
The SSL certificate server name is incorrect.
ID no: c103b404
Exchange System Manager
In Event Viewer > System, this error is logged:
Event ID: 36884
Source: Schannel
Type: Error
Description:
The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is EXCHANGE.bapsg.local. The SSL connection request has failed. The attached data contains the server certificate.
Q324345 had been reported as the solution in at least 1 other similar question on EE but the instructions for resolution did not help.
http://support.microsoft.com/?id=324345
Specifically, in the Exadmin virtual root in IIS, for Directory Security > Secure Communications, "Require secure channel (SSL) check box" was already cleared. Several times I also tried ticking that option, closing, reopening, and then clearing it again but that did not help.
I also understand that in order for RPC over HTTPS to work (which currently does work well), the name in the certificate must match my server's external Internet hostname, sg.bbdoasia.com, which it does now. When I view the certificate under Directory Security > Secure Communications, it states this:
Issued to: sg.bbdoasia.com
Issued by: BAP SG ROOT CA
Certificate status: This certificate is OK.
So there is apparently a conflict in what RPC over HTTPS expects as the server name in the certificate and what ESM espects when creating any Public Folder.
I also tried enabling and disabling SSL on the Esadmin virtual directory (3 or 4 times) and rebooting and that did not help either.
Any solutions?
Thanks in advance for any feedback.
Thanks,
Derek
ASKER
Much thanks for your reply, Simon. Will keep that in mind.
Cheers,
Derek
Cheers,
Derek
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
EE_AutoDeleter,
Sounds good. Much thanks.
Cheers,
Derek
Sounds good. Much thanks.
Cheers,
Derek
ASKER
https://www.experts-exchange.com/questions/21601596/SSL-Certificate-server-name-incorrect-ID-No-c1035404.html?query=SSL+certificate+server+name&clearTAFilter=true
Sorry, I just became a member today and this was my first question...
Can I just close this question or should I just delete it? I figure the description might be helpful for others...
Thanks,
Derek