Outlook 2007 Security Alert, The name on the security certificate is ivalid

We have move from Exchange 2003 to 2007 and are having one or two teething problems.  I have intsalled a third party SSL certificate which is working well, however users are gettiing a Security Alert when connection to Outlook:

autodiscover.ourdomain.com

The name on the security certificate is invalid or does not match the name of the site.
Do you want to proceed?

Now I know if I had added autodiscover.ourdomain.com as an alternative to the certificate, we wouldn't get this error but I didn't.  

I think there is a way to repoint the Autodiscovery to the existing SSL using:

Set-ClientAccessServer -Identity CASserver1 -AutoDiscoverServiceInternalUri https://yourinternaladdress.xxx

Our clients can connect to webmail internally by going to:

https://servername/owa

Does that mean that the syntax I need to use to stop this warning appearing is:

Set-ClientAccessServer -Identity CASserver1 -AutoDiscoverServiceInternalUri https://servername/owa

I just want to be sure!
LVL 3
-Juddy-Asked:
Who is Participating?
 
Rajith EnchiparambilConnect With a Mentor Office 365 & Exchange ArchitectCommented:
Yes, you need to have the autodiscover.yourdomain.com in your cert. So, amend it.
0
 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
"""Set-ClientAccessServer -Identity CASserver1 -AutoDiscoverServiceInternalUri https://servername/owa"""

This is wrong.

By default, AutoDiscoverServiceInternalUri will be https://casserver.domain.local/autodiscover.autodiscover.xml

So, unless you have a SAN/UCC Certificate which has your CAS server netbios name and fqdn, along with autodiscover.externaldomain.com in your cert, your error will pop up all the time.

Check http://enchiparambil.com/ucc_san_certificate_for_exchange_2007.aspx

Rajith.
0
 
-Juddy-Author Commented:
I have all of the above apart from the autodiscover entry.  
0
 
Rajith EnchiparambilOffice 365 & Exchange ArchitectCommented:
You need autodiscover entry for Outlook 2007 to work properly. Or else, use Outlook 2003 as an alternate solution.
0
 
-Juddy-Author Commented:
We have Office 2007 on all workstations, so I guess I'll need to alter my SSL cert.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.