Outlook 2007 Certificate Security Warning.

We have Exchange 2007 Server and when setting up Outlook 2007 for users, i get a Certificate Security Alert saying -
"The name on the security certificate is invalid or does not match the name of the site "

if i were to buy the SSL certs from verisign, how many do i need? just one or two? because my understanding is that you only need one cert that contains one or more "subject alternative names" - right?

(or) the auto discover service requires a second certificate?

i want to be able to use Outlook Anywhere, OWA, AutoDiscover and for Cell Phones that can download emails from our exchange server. Would the SSL cert solve these issues?
rdvargheseAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

a0k0a7Commented:
Yes it will, you only need 1 SSL certificate.

If you plan to have more mail servers then you will need 1 SSL per unique IP address or you could get a wildcard SSL which allow you to *.domains.com
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JordanMrazekCommented:
FYI, after you add the external SSL cert, you will continue to get the SSL mismatch warning. You have to do two things;

update the FQDN of the Exchange 2007 Client Receive connector to match that of your SSL cert. if you obtained a wildcard cert, then use <any host name>.<your SSL cert domain name>.com.

then, and here is the kicker, go to the email account config window for your outlook 2007 clients, and change the servername to match the FDQN you aplied, and hit Check Name. the server name will resolve back to whatever your original A/D server name is, so you will get the impression that nothing changed, but the fact is that if you do not change this setting in the Outlook profile, you would continue to get the server mismatch warning, even though it looks like Outlook is going to connect using your A/D name.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.