Solved

Outlook Invalid Security Certificate Rpc setup?

Posted on 2008-06-10
10
889 Views
Last Modified: 2011-10-19
Hey all,

Real quick question I think I have rpc setup correclty its just everytime I use the test account setup to access it remotley I get the attached error, Now of course my certificate is not valid does it need to be and if so where can I purchase one and how to implement it?
Untitled.jpg
0
Comment
Question by:AmityNA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21753970
See my post here: http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23473145.html

It goes over everything you need to know about installing a certificate into your Exchange server.
0
 
LVL 2

Author Comment

by:AmityNA
ID: 21754119
Great thanks for the link but I am kinda green to all this so is that saying that I have to purchase a certificate and what certificate do I need? Also this is the current one that is in the rpc. I do not run exchange 2007 as well I am running sbs 2003 which I dont know if that makes a difference? I am able to access the email through owa with no problems
New1.bmp
0
 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21754174
oh, if you are running Exchange 2003, you do not need a UCC certificate, just a regular certificate will do.

You need to purchase one by the address people access your server by   'mail.yourdomain.com'   webmail.yourdomain.com
whatever the common name is that people access Outlook web access by,

www.godaddy.com the basic cert for $30 will be fine, then install it on the 'default web site'  They'll provide instructions for installing the cert and generating it once you've purchased it.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 2

Author Comment

by:AmityNA
ID: 21754274
Ok great so I take it that certificate that is present in the screenshot is not what I am looking for? Like I said I can access my web workplace remotley with using say exchange.amitymachine.com

Thanks
0
 
LVL 2

Author Comment

by:AmityNA
ID: 21754308
Like I said very green I appreciate your patience, So I am purchasing a ssl certificate
0
 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21754377
Make sure you are purchasing it for the domain that people access outlook web access from outside of your office.
0
 
LVL 6

Assisted Solution

by:raptorjb007
raptorjb007 earned 20 total points
ID: 21754491
As LegendZM mentioned you do need to configure SSL on the exchange server if not already configured.

The clients also need to have the Certificate for the Root Certificate Authority that granted your exchange server its certificate installed, otherwise the client will not trust the exchange server and the RCP-over-http connection will fail. With this in mind, using a purchased certificate from a commercial SSL provider will greatly simplify installations as windows trusts most commercial SSL providers by default. You can however install your own Root Certificate authority and generate your own exchange -certificate, in this case you will have to manually install the certificate for your Certificate Authority on each client PC.

Server SBS generates its own certificate by default, if you wish to use the one already installed you will have to export that certificate and install it on each client as I previously mentioned.

To export the Certificate for the RootCA do the following.
Open IIS Manager,
-Browse to the "default website", right click and choose properties
-Click on "Directory Security", then "View Certificate"
-Choose the "Certificate Path" Tab
-In the certificate oath tab you should see a tree with two certificztes listed, one is the Certificate Authority certificate, the other is the Exchange IIS Certificate.
-Click on the Certificate at the top of the tree, then click on view.
-In the certificate properties windows, click on the details tab, then choose "copy to file.
-Click Next, choose DER encoded, click next, choose a name and location to save this certificate.

To install your CA certificate on a client so that outlook trusts the exchange server.
-Log into the PC as an administrator
-Copy the certificate file to the PC
-Right click the certificate, choose "install certificate".
-Choose next, select "Place all certificate dint he following store", select browse.
-Check the box to "show physical stores", in the path tree expand "third party root certificate authorities", and select "Local Computer"
-Click OK, click next, click finish.

This should resolve the issue of a outlook client not trusting your self-signed certificate form the small business server. To avoid these steps, purchase a commercial certificate.
0
 
LVL 15

Assisted Solution

by:LegendZM
LegendZM earned 480 total points
ID: 21754540
Since he's purchasing a signed SSL certificate he won't need to install the self signed cert.
0
 
LVL 2

Author Comment

by:AmityNA
ID: 21754740
I purchased it already now question is do I need to put this on the client machines as well or no
0
 
LVL 15

Accepted Solution

by:
LegendZM earned 480 total points
ID: 21754902
Nope, you just need to follow their FAQ to generate the certificate request, then install the certificate on IIS and enforce SSL.

because it's a signed authority they won't need it installed as "godaddy" is a trusted source.

I would the advise contacting them for instructions on how to install the certificate, trusted authorties each have their own instructions, there should be a picture tutorial somewhere in the member account area.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Finding original email is quite difficult due to their duplicates. From this article, you will come to know why multiple duplicates of same emails appear and how to delete duplicate emails from Outlook securely and instantly while vital emails remai…
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
how to add IIS SMTP to handle application/Scanner relays into office 365.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question