Solved

Outlook Invalid Security Certificate Rpc setup?

Posted on 2008-06-10
10
886 Views
Last Modified: 2011-10-19
Hey all,

Real quick question I think I have rpc setup correclty its just everytime I use the test account setup to access it remotley I get the attached error, Now of course my certificate is not valid does it need to be and if so where can I purchase one and how to implement it?
Untitled.jpg
0
Comment
Question by:AmityNA
  • 5
  • 4
10 Comments
 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21753970
See my post here: http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23473145.html

It goes over everything you need to know about installing a certificate into your Exchange server.
0
 
LVL 2

Author Comment

by:AmityNA
ID: 21754119
Great thanks for the link but I am kinda green to all this so is that saying that I have to purchase a certificate and what certificate do I need? Also this is the current one that is in the rpc. I do not run exchange 2007 as well I am running sbs 2003 which I dont know if that makes a difference? I am able to access the email through owa with no problems
New1.bmp
0
 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21754174
oh, if you are running Exchange 2003, you do not need a UCC certificate, just a regular certificate will do.

You need to purchase one by the address people access your server by   'mail.yourdomain.com'   webmail.yourdomain.com
whatever the common name is that people access Outlook web access by,

www.godaddy.com the basic cert for $30 will be fine, then install it on the 'default web site'  They'll provide instructions for installing the cert and generating it once you've purchased it.
0
 
LVL 2

Author Comment

by:AmityNA
ID: 21754274
Ok great so I take it that certificate that is present in the screenshot is not what I am looking for? Like I said I can access my web workplace remotley with using say exchange.amitymachine.com

Thanks
0
 
LVL 2

Author Comment

by:AmityNA
ID: 21754308
Like I said very green I appreciate your patience, So I am purchasing a ssl certificate
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21754377
Make sure you are purchasing it for the domain that people access outlook web access from outside of your office.
0
 
LVL 6

Assisted Solution

by:raptorjb007
raptorjb007 earned 20 total points
ID: 21754491
As LegendZM mentioned you do need to configure SSL on the exchange server if not already configured.

The clients also need to have the Certificate for the Root Certificate Authority that granted your exchange server its certificate installed, otherwise the client will not trust the exchange server and the RCP-over-http connection will fail. With this in mind, using a purchased certificate from a commercial SSL provider will greatly simplify installations as windows trusts most commercial SSL providers by default. You can however install your own Root Certificate authority and generate your own exchange -certificate, in this case you will have to manually install the certificate for your Certificate Authority on each client PC.

Server SBS generates its own certificate by default, if you wish to use the one already installed you will have to export that certificate and install it on each client as I previously mentioned.

To export the Certificate for the RootCA do the following.
Open IIS Manager,
-Browse to the "default website", right click and choose properties
-Click on "Directory Security", then "View Certificate"
-Choose the "Certificate Path" Tab
-In the certificate oath tab you should see a tree with two certificztes listed, one is the Certificate Authority certificate, the other is the Exchange IIS Certificate.
-Click on the Certificate at the top of the tree, then click on view.
-In the certificate properties windows, click on the details tab, then choose "copy to file.
-Click Next, choose DER encoded, click next, choose a name and location to save this certificate.

To install your CA certificate on a client so that outlook trusts the exchange server.
-Log into the PC as an administrator
-Copy the certificate file to the PC
-Right click the certificate, choose "install certificate".
-Choose next, select "Place all certificate dint he following store", select browse.
-Check the box to "show physical stores", in the path tree expand "third party root certificate authorities", and select "Local Computer"
-Click OK, click next, click finish.

This should resolve the issue of a outlook client not trusting your self-signed certificate form the small business server. To avoid these steps, purchase a commercial certificate.
0
 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21754540
Since he's purchasing a signed SSL certificate he won't need to install the self signed cert.
0
 
LVL 2

Author Comment

by:AmityNA
ID: 21754740
I purchased it already now question is do I need to put this on the client machines as well or no
0
 
LVL 15

Accepted Solution

by:
LegendZM earned 480 total points
ID: 21754902
Nope, you just need to follow their FAQ to generate the certificate request, then install the certificate on IIS and enforce SSL.

because it's a signed authority they won't need it installed as "godaddy" is a trusted source.

I would the advise contacting them for instructions on how to install the certificate, trusted authorties each have their own instructions, there should be a picture tutorial somewhere in the member account area.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now