Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Office 2007 Security certificate warning (certificate invalid or does not match.)

Posted on 2009-05-07
9
Medium Priority
?
524 Views
Last Modified: 2012-05-06

  Recently upgraded one of my users pc's to MS office 2007. Now when he opens outlook he recieves a windows security box that states "The name on the security certificate is invalid or does not match the name on the site".  This is an Exchange 2007 Environment.
0
Comment
Question by:CJ27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24328351
Do you have a commercial certificate on your Exchange server?
It is probably autodiscover doing its thing.
Check whether autodiscover.example.com resolves internally to an external host (where example.com is the domain on the email address). That can cause this error.

Simon.
0
 

Author Comment

by:CJ27
ID: 24330310

  Could you please give me a little more detail in how to do this? I'm not an exchange expert, I just recently inherited it when another admin left the company.  Yes there is a commercial certificate on the Exchange server.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24330843
It has nothing to do with Exchange. It is name resolution.
You need to check where autodiscover.example.com resolves to inside the network. Ping will do that. If you ping autodiscover.example.com and get a response from an external IP address then that may well be your problem.

It usually caused by a wild card DNS entry in your DNS, pointing to your web site, which is probably hosting another SSL site.

Simon.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 

Author Comment

by:CJ27
ID: 24336146
I tried to ping autodiscover.mydomainname.com and I'm getting "the ping request could not find host"  am I doing something wrong? could you please elaborate more. Also, Outlook owa is the only ssl site that is being hosted in our orginization.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24338676
Have you looked at the certificate that comes up? See what it is issued to?

Simon.
0
 

Expert Comment

by:pkftx_IT
ID: 24496481
In our case, the users who got this message were using "open these additional mailboxes" with a mailbox that no longer existed. The message was not widespread.

However, in researching this issue, I found this Microsoft knowledge base article: http://support.microsoft.com/kb/940726.
0
 

Expert Comment

by:pkftx_IT
ID: 24714829
In other cases, our users who had not been viewing additional mailboxes would not receive this prompt after we went to Send\Receive in Outlook 2007, Download Address Book.., choose Global Address List, and clicked Ok.
0
 

Author Comment

by:CJ27
ID: 25345738

"Have you looked at the certificate that comes up? See what it is issued to?"

Yes, the name is different which I suspect is the problem. But, How would I fix this?

0
 
LVL 65

Accepted Solution

by:
Mestha earned 1000 total points
ID: 25349737
If the certificate hasn't been setup correctly then it can cause problems.
You need to verify
a - whether the certificate is the one installed on your server
b - whether the certificate is a single name or SAN/UC certificate.
To check the second object, browse to the site, then look at the certificate through IE. On the Details tab, look through the fields for a line "Subject Alternative Name". If that exists then it is a UC certificate. If it does not then it is a single name certificate.

SSL certificates are a major pain point for Exchange 2007 deployments at the best of times, so undoing a bad SSL certificate installation can be troublesome.

Simon.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question