Certificate error on Outlook 2007 with new Exchange 2007 server
Posted on 2009-05-04
I just deployed a new Exchange 2007 server on a Windows 2008 platform. I have installed my SSL certificate from Verisign. When Outlook 2007 clients attach to the new server, they receive the following warning: "The name on the security certificate is invalid or does not match the name of the site."
Users can click through the warning and attach fine with Outlook 2007. Outlook users coming in with OWA or Outlook 2003 do not get this error.
I've researched and know my issue has something to do with not using a "SAN certificate", but I am under the impression I can get this fixed using my standard SSL certificate.
I currently have the SSL certificate issued to "mail.mydomain.org." My internal server name is MAIL01. If I reissue my SSL certificate and use a simple name of mail01.mydomain.org and change my external DNS to point mail01.mydomain.org correctly, do you think I can solve this error with Outloot 2007?
In the end the SSL certificate would be registered to mail01.mydomain.org, which is the internal name of my mail server. Outlook 2007 should no longer complain and give the warning would it? I then could just tell users who want to use OWA to go to https://mail01.mydomain.org.
Please let me know if my thinking is logical to fix this problem, or if there is something else I should do. I would like your feedback before I go and get a reissue from Verisign. Thanks.