?
Solved

SSL Web server issues with incorrect cert OWA

Posted on 2006-11-13
7
Medium Priority
?
205 Views
Last Modified: 2010-04-18
Currently we has a ssl cert installed that has been registers with the CA.  We have it installed on our exchange server for a secured OWA connection.  the cert is mail.domainA.com.  The problem i am having is that we have an internal website that we have create to allow users to connect to OWA as well.  When we try and use https://mail.domainA.com as the link it just flashes and does not allow the user to connect.  If we set it up as https://mailserver/exchange, it works great but the ssl doesn't match so it gives a warning that you have to click yes to.  I have also tried https://mail.domainA.com/exchange, this gets to the login page without the ssl warning but doesn't allow you to login.

i guess my question is... can i add another cert from the webserver to the exchange server so there is no certificate error?

I am using the forms base authentication.

hope someone can help!
0
Comment
Question by:lgropper
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 25

Accepted Solution

by:
mikeleebrla earned 1200 total points
ID: 17933301
this is yet another reason not to use different internal and external domain names.  But anyway, when you are on your lan and you go to https://mail.domainA.com/exchange, what IP address is it going to? the internal or external?  if you do nslookup mail.domaina.com it should tell you.  You shouldn't have to create another certificate if you properly setup your DNS so that you can reach your email server via its registered external domain internally (since that is the FQDN that you created the certificate for, it should work.

0
 

Author Comment

by:lgropper
ID: 17938695
it seems nslookup is saying the it can't find the name of the server.  It finds the ip of the DNS server but no name.  DNS is setup correctly and there is a ptr record for the dns server.  This is definitely the issue, i'm trying to track down the problem.  I have numerous other servers on the same subnet with the same settings and nslookup works fine.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17938787
all that means is that you dont have a reverse DNS record for YOUR internal DNS server (assuming you are pointed to your internal DNS server)

think about it.  why would NSLOOKUP need to find the name of the server since YOU inputed the name of the server and you are asking it for the IP.

this really has nothing to do with the cert however.

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:lgropper
ID: 17949591
thats the thing though, i do have one.  i have 5 other servers that don't have an issue looking up the name of the server. all the dns settings are the same across all servers.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17949616
can you post the exact results you get from the nslookup please?
0
 

Author Comment

by:lgropper
ID: 17949648
This is from the server i am having issues.

C:\>nslookup
DNS request timed out.
    timeout was 2 seconds.
*** Can't find server name for address 192.160.100.13: Timed out
Default Server:  UnKnown
Address:  192.160.100.13

this is on another server in the same subnet and domain.

H:\>nslookup
Default Server:  server1.domainA.com
Address:  192.168.100.13

Please note i changed the servername as i don't want to post ours.
0
 

Author Comment

by:lgropper
ID: 17949790
i found the issue... long days and nights have typo's... dns server was wrong!

thanks for the point in the corret direction.

chad
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question