Solved

Office 2007 Security certificate warning (certificate invalid or does not match.)

Posted on 2009-05-07
9
514 Views
Last Modified: 2012-05-06

  Recently upgraded one of my users pc's to MS office 2007. Now when he opens outlook he recieves a windows security box that states "The name on the security certificate is invalid or does not match the name on the site".  This is an Exchange 2007 Environment.
0
Comment
Question by:CJ27
  • 4
  • 3
  • 2
9 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24328351
Do you have a commercial certificate on your Exchange server?
It is probably autodiscover doing its thing.
Check whether autodiscover.example.com resolves internally to an external host (where example.com is the domain on the email address). That can cause this error.

Simon.
0
 

Author Comment

by:CJ27
ID: 24330310

  Could you please give me a little more detail in how to do this? I'm not an exchange expert, I just recently inherited it when another admin left the company.  Yes there is a commercial certificate on the Exchange server.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24330843
It has nothing to do with Exchange. It is name resolution.
You need to check where autodiscover.example.com resolves to inside the network. Ping will do that. If you ping autodiscover.example.com and get a response from an external IP address then that may well be your problem.

It usually caused by a wild card DNS entry in your DNS, pointing to your web site, which is probably hosting another SSL site.

Simon.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:CJ27
ID: 24336146
I tried to ping autodiscover.mydomainname.com and I'm getting "the ping request could not find host"  am I doing something wrong? could you please elaborate more. Also, Outlook owa is the only ssl site that is being hosted in our orginization.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24338676
Have you looked at the certificate that comes up? See what it is issued to?

Simon.
0
 

Expert Comment

by:pkftx_IT
ID: 24496481
In our case, the users who got this message were using "open these additional mailboxes" with a mailbox that no longer existed. The message was not widespread.

However, in researching this issue, I found this Microsoft knowledge base article: http://support.microsoft.com/kb/940726.
0
 

Expert Comment

by:pkftx_IT
ID: 24714829
In other cases, our users who had not been viewing additional mailboxes would not receive this prompt after we went to Send\Receive in Outlook 2007, Download Address Book.., choose Global Address List, and clicked Ok.
0
 

Author Comment

by:CJ27
ID: 25345738

"Have you looked at the certificate that comes up? See what it is issued to?"

Yes, the name is different which I suspect is the problem. But, How would I fix this?

0
 
LVL 65

Accepted Solution

by:
Mestha earned 250 total points
ID: 25349737
If the certificate hasn't been setup correctly then it can cause problems.
You need to verify
a - whether the certificate is the one installed on your server
b - whether the certificate is a single name or SAN/UC certificate.
To check the second object, browse to the site, then look at the certificate through IE. On the Details tab, look through the fields for a line "Subject Alternative Name". If that exists then it is a UC certificate. If it does not then it is a single name certificate.

SSL certificates are a major pain point for Exchange 2007 deployments at the best of times, so undoing a bad SSL certificate installation can be troublesome.

Simon.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now