Certificate for Exchange 2007 Mail/Hub Server

Posted on 2009-04-07
Last Modified: 2013-11-29
I have two exchange servers, one is a Mail/Hub server and the other is a CAS server.  The CAS server has a working UCC Certificate on it, we are having no problems.  I recently setup secure imap for our field offices to use and had to get secure smtp working for their outgoing mail.  We are currently in a mixed environement during migration and have 2 2003 servers up also.  I set a NAT rule in the firewall for any traffic coming in on port 587 (send connector already in place for smtp) to be pushed to the 2007 Mail/Hub server.  I can set it all up in thunderbird (or any other app) and point both incoming and outgoing to go to my CAS.  It all works well, except every time i send a message I get prompted with an error:

"You have attempted to establish a connection with "CAS Server".  However, the security certificate presented belongs to "Mail/Hub Server".  It is possible, though unlikely, that someone may be trying to intercept your communication with this website."

Then I can either cancel, hit ok, or view cert.  If I hit ok, it goes through, but prompts me for every send.  The only public facing cert is on the CAS, yet the error indicates the cert is on the mail/hub.  Is this a thunderbird issue, or is there some certificate work I can do to solve this?  Do I need a certificate for my mail/hub.  Do I need to add the Mail/Hub server as a SAN in the UCC?
Question by:Lucas Bruch
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 31

Assisted Solution

Paranormastic earned 100 total points
ID: 24090952
Your UC cert should have at minimum:
servername (netbios name)

Is this the case?  If not, contact your cert vendor and see if you can get the UC cert reissued with the correct names - usually you can do this for free within 14 or 30 days, depending on the vendor.

Author Comment

by:Lucas Bruch
ID: 24091027
My UCC cert has:

I do not have the .local.  But I do not believe that this has anything to do with autodiscover portion.
LVL 31

Expert Comment

ID: 24091844
yes, typo - last should be server.domain.local, but if that doesn't apply it doesn't really matter anyways I guess...

Take a look at this - see if it helps... skip ahead to the instructions and ignore the opening paragraph.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 31

Expert Comment

ID: 24091845

Author Comment

by:Lucas Bruch
ID: 24435021
Well, I got a new UCC Cert with my mail server name on there and it appears to be working.

Accepted Solution

Lucas Bruch earned 0 total points
ID: 24435043
I should note that the server i had to add was for my mail hub server, not my CAS.  If you are going to do secure smtp, be sure to have that in the ucc cert.

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month4 days, 4 hours left to enroll

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question