Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Office 2007 Security certificate warning (certificate invalid or does not match.)

Posted on 2009-05-07
9
Medium Priority
?
528 Views
Last Modified: 2012-05-06

  Recently upgraded one of my users pc's to MS office 2007. Now when he opens outlook he recieves a windows security box that states "The name on the security certificate is invalid or does not match the name on the site".  This is an Exchange 2007 Environment.
0
Comment
Question by:CJ27
  • 4
  • 3
  • 2
9 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24328351
Do you have a commercial certificate on your Exchange server?
It is probably autodiscover doing its thing.
Check whether autodiscover.example.com resolves internally to an external host (where example.com is the domain on the email address). That can cause this error.

Simon.
0
 

Author Comment

by:CJ27
ID: 24330310

  Could you please give me a little more detail in how to do this? I'm not an exchange expert, I just recently inherited it when another admin left the company.  Yes there is a commercial certificate on the Exchange server.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24330843
It has nothing to do with Exchange. It is name resolution.
You need to check where autodiscover.example.com resolves to inside the network. Ping will do that. If you ping autodiscover.example.com and get a response from an external IP address then that may well be your problem.

It usually caused by a wild card DNS entry in your DNS, pointing to your web site, which is probably hosting another SSL site.

Simon.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:CJ27
ID: 24336146
I tried to ping autodiscover.mydomainname.com and I'm getting "the ping request could not find host"  am I doing something wrong? could you please elaborate more. Also, Outlook owa is the only ssl site that is being hosted in our orginization.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24338676
Have you looked at the certificate that comes up? See what it is issued to?

Simon.
0
 

Expert Comment

by:pkftx_IT
ID: 24496481
In our case, the users who got this message were using "open these additional mailboxes" with a mailbox that no longer existed. The message was not widespread.

However, in researching this issue, I found this Microsoft knowledge base article: http://support.microsoft.com/kb/940726.
0
 

Expert Comment

by:pkftx_IT
ID: 24714829
In other cases, our users who had not been viewing additional mailboxes would not receive this prompt after we went to Send\Receive in Outlook 2007, Download Address Book.., choose Global Address List, and clicked Ok.
0
 

Author Comment

by:CJ27
ID: 25345738

"Have you looked at the certificate that comes up? See what it is issued to?"

Yes, the name is different which I suspect is the problem. But, How would I fix this?

0
 
LVL 65

Accepted Solution

by:
Mestha earned 1000 total points
ID: 25349737
If the certificate hasn't been setup correctly then it can cause problems.
You need to verify
a - whether the certificate is the one installed on your server
b - whether the certificate is a single name or SAN/UC certificate.
To check the second object, browse to the site, then look at the certificate through IE. On the Details tab, look through the fields for a line "Subject Alternative Name". If that exists then it is a UC certificate. If it does not then it is a single name certificate.

SSL certificates are a major pain point for Exchange 2007 deployments at the best of times, so undoing a bad SSL certificate installation can be troublesome.

Simon.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
This video discusses moving either the default database or any database to a new volume.
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question