SSL Certificate Error

Posted on 2009-04-15
Last Modified: 2012-05-06
I have an Exchange 2007 Server. I purchased and installed an SSL certificate from My internal users get a certificate error when they access their email via IE7 or they get a Security alert popup error message through Outlook 2007. Both indicate that the name on the security certificate is invalid or does not match the name of the site. I know that it doesn't match the name of the site, because the name is the external name.

I have performed the following commands (changed to suit the client's environment), which I found at

Set-WebServicesVirtualDirectory -Identity "EWS*" -ExternalUrl "Https://" -InternalUrl "Https://"        

Set-ClientAccessServer -Identity CASserver1 -AutoDiscoverServiceInternalUri

Still no dice. Any help would be much appreciated.

    LVL 4

    Expert Comment


    there will be a work arounds because I cannot tell you how to use two differen certs for internal and external.

    Add a hostname with the external name and the internal ip to your dns server. If not possible you may use the local hosts file (disribute through logonscript).

    LVL 31

    Expert Comment

    Is the certificate you purchased a UC certificate?  If not, you should really get one. has them for very cheap price.

    You will want to include all name references for however you will be accessing things internally and externally, for example:


    You may want to also include the hostname and/or IP address if you choose.

    Note that when you create the CSR a name is assigned as the Subject name, you will need to list this again in the big list of names that the cert will be valid for.

    Expert Comment

    Agree with Paranormastic that you need the four alternate names indicated.  It may just be a typo in your post but there is a space in the address for your internal URL.
    LVL 40

    Accepted Solution


    Author Comment

    Have not tested yet will update asap.


    Author Closing Comment

    The following is the site with the information I was able to use to fix the problem:
    Thank you for your help!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Email statistics and Mailbox database quotas You might have an interest in attaining information such as mailbox details, mailbox statistics and mailbox database details from Exchange server. At that point, knowing how to retrieve this information …
    Learn more about how the humble email signature can be used as more than just an electronic business card. When used correctly, a signature can easily be tailored for different purposes by different departments within an organization.
    In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
    In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now