I have two exchange servers, one is a Mail/Hub server and the other is a CAS server. The CAS server has a working UCC Certificate on it, we are having no problems. I recently setup secure imap for our field offices to use and had to get secure smtp working for their outgoing mail. We are currently in a mixed environement during migration and have 2 2003 servers up also. I set a NAT rule in the firewall for any traffic coming in on port 587 (send connector already in place for smtp) to be pushed to the 2007 Mail/Hub server. I can set it all up in thunderbird (or any other app) and point both incoming and outgoing to go to my CAS. It all works well, except every time i send a message I get prompted with an error:
"You have attempted to establish a connection with "CAS Server". However, the security certificate presented belongs to "Mail/Hub Server". It is possible, though unlikely, that someone may be trying to intercept your communication with this website."
Then I can either cancel, hit ok, or view cert. If I hit ok, it goes through, but prompts me for every send. The only public facing cert is on the CAS, yet the error indicates the cert is on the mail/hub. Is this a thunderbird issue, or is there some certificate work I can do to solve this? Do I need a certificate for my mail/hub. Do I need to add the Mail/Hub server as a SAN in the UCC?