SSL Web server issues with incorrect cert OWA

Currently we has a ssl cert installed that has been registers with the CA.  We have it installed on our exchange server for a secured OWA connection.  the cert is mail.domainA.com.  The problem i am having is that we have an internal website that we have create to allow users to connect to OWA as well.  When we try and use https://mail.domainA.com as the link it just flashes and does not allow the user to connect.  If we set it up as https://mailserver/exchange, it works great but the ssl doesn't match so it gives a warning that you have to click yes to.  I have also tried https://mail.domainA.com/exchange, this gets to the login page without the ssl warning but doesn't allow you to login.

i guess my question is... can i add another cert from the webserver to the exchange server so there is no certificate error?

I am using the forms base authentication.

hope someone can help!
lgropperAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mikeleebrlaCommented:
this is yet another reason not to use different internal and external domain names.  But anyway, when you are on your lan and you go to https://mail.domainA.com/exchange, what IP address is it going to? the internal or external?  if you do nslookup mail.domaina.com it should tell you.  You shouldn't have to create another certificate if you properly setup your DNS so that you can reach your email server via its registered external domain internally (since that is the FQDN that you created the certificate for, it should work.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
lgropperAuthor Commented:
it seems nslookup is saying the it can't find the name of the server.  It finds the ip of the DNS server but no name.  DNS is setup correctly and there is a ptr record for the dns server.  This is definitely the issue, i'm trying to track down the problem.  I have numerous other servers on the same subnet with the same settings and nslookup works fine.
0
mikeleebrlaCommented:
all that means is that you dont have a reverse DNS record for YOUR internal DNS server (assuming you are pointed to your internal DNS server)

think about it.  why would NSLOOKUP need to find the name of the server since YOU inputed the name of the server and you are asking it for the IP.

this really has nothing to do with the cert however.

0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

lgropperAuthor Commented:
thats the thing though, i do have one.  i have 5 other servers that don't have an issue looking up the name of the server. all the dns settings are the same across all servers.
0
mikeleebrlaCommented:
can you post the exact results you get from the nslookup please?
0
lgropperAuthor Commented:
This is from the server i am having issues.

C:\>nslookup
DNS request timed out.
    timeout was 2 seconds.
*** Can't find server name for address 192.160.100.13: Timed out
Default Server:  UnKnown
Address:  192.160.100.13

this is on another server in the same subnet and domain.

H:\>nslookup
Default Server:  server1.domainA.com
Address:  192.168.100.13

Please note i changed the servername as i don't want to post ours.
0
lgropperAuthor Commented:
i found the issue... long days and nights have typo's... dns server was wrong!

thanks for the point in the corret direction.

chad
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.