I just migrated to Small Business Server 2008. Most of my users are running Outlook 2003. I have a GoDaddy multiple domain certificate issued to ww3.mydomain.com that also covers mail.mydomain.com, remote.mydomain.com, and vpn.mydomain.com (in the Subject Alternative Name field). ww3.mydomain.com is actually a secondary server with a different public IP than my main server. mail.mydomain.com, remote.mydomain.com, and vpn.mydomain.com all point to my main server. I installed the GoDaddy cert on the main server using the SBS wizard and it is listed as correctly installed. Outlook Anywhere is enabled and set to use Basic Authentication.
I can connect to Outlook Anywhere using Outlook 2007, but I do get a certificate warning. When I click View Certificate I get some weird certificate that seems to have something to do with att.com. I can't find that certificate anywhere on my server. ATT is hosting www.mydomain.com but I don't see how Outlook could be retrieving the certificate for that site. See Cert.png.
None of my users can connect to Outlook Anywhere. They get an endless series of requests for username and password. "username" doesn't work, "domain\username" doesn't work, "email@example.com" doesn't work, nothing works. I've tried all sorts of combinations of settings and even deleted and recreated the profile on one user's machine; nothing helps.
When I configure Outlook 2007 on my machine to acces a user's mailbox, I get the endless series of login prompts but the error box is different. See Outlook-error.png.
It sure seems as if somebody's serving up a rotten certificate, but how do I fix this?