Link to home
Start Free TrialLog in
Avatar of -Juddy-
-Juddy-Flag for United Kingdom of Great Britain and Northern Ireland

asked on

Outlook 2007 Security Alert, The name on the security certificate is ivalid

We have move from Exchange 2003 to 2007 and are having one or two teething problems.  I have intsalled a third party SSL certificate which is working well, however users are gettiing a Security Alert when connection to Outlook:

autodiscover.ourdomain.com

The name on the security certificate is invalid or does not match the name of the site.
Do you want to proceed?

Now I know if I had added autodiscover.ourdomain.com as an alternative to the certificate, we wouldn't get this error but I didn't.  

I think there is a way to repoint the Autodiscovery to the existing SSL using:

Set-ClientAccessServer -Identity CASserver1 -AutoDiscoverServiceInternalUri https://yourinternaladdress.xxx

Our clients can connect to webmail internally by going to:

https://servername/owa

Does that mean that the syntax I need to use to stop this warning appearing is:

Set-ClientAccessServer -Identity CASserver1 -AutoDiscoverServiceInternalUri https://servername/owa

I just want to be sure!
Avatar of Rajith Enchiparambil
Rajith Enchiparambil
Flag of United Kingdom of Great Britain and Northern Ireland image

"""Set-ClientAccessServer -Identity CASserver1 -AutoDiscoverServiceInternalUri https://servername/owa"""

This is wrong.

By default, AutoDiscoverServiceInternalUri will be https://casserver.domain.local/autodiscover.autodiscover.xml

So, unless you have a SAN/UCC Certificate which has your CAS server netbios name and fqdn, along with autodiscover.externaldomain.com in your cert, your error will pop up all the time.

Check http://enchiparambil.com/ucc_san_certificate_for_exchange_2007.aspx

Rajith.
Avatar of -Juddy-

ASKER

I have all of the above apart from the autodiscover entry.  
You need autodiscover entry for Outlook 2007 to work properly. Or else, use Outlook 2003 as an alternate solution.
Avatar of -Juddy-

ASKER

We have Office 2007 on all workstations, so I guess I'll need to alter my SSL cert.
ASKER CERTIFIED SOLUTION
Avatar of Rajith Enchiparambil
Rajith Enchiparambil
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial