Solved

Office 2007 Security certificate warning (certificate invalid or does not match.)

Posted on 2009-05-07
9
513 Views
Last Modified: 2012-05-06

  Recently upgraded one of my users pc's to MS office 2007. Now when he opens outlook he recieves a windows security box that states "The name on the security certificate is invalid or does not match the name on the site".  This is an Exchange 2007 Environment.
0
Comment
Question by:CJ27
  • 4
  • 3
  • 2
9 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24328351
Do you have a commercial certificate on your Exchange server?
It is probably autodiscover doing its thing.
Check whether autodiscover.example.com resolves internally to an external host (where example.com is the domain on the email address). That can cause this error.

Simon.
0
 

Author Comment

by:CJ27
ID: 24330310

  Could you please give me a little more detail in how to do this? I'm not an exchange expert, I just recently inherited it when another admin left the company.  Yes there is a commercial certificate on the Exchange server.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24330843
It has nothing to do with Exchange. It is name resolution.
You need to check where autodiscover.example.com resolves to inside the network. Ping will do that. If you ping autodiscover.example.com and get a response from an external IP address then that may well be your problem.

It usually caused by a wild card DNS entry in your DNS, pointing to your web site, which is probably hosting another SSL site.

Simon.
0
 

Author Comment

by:CJ27
ID: 24336146
I tried to ping autodiscover.mydomainname.com and I'm getting "the ping request could not find host"  am I doing something wrong? could you please elaborate more. Also, Outlook owa is the only ssl site that is being hosted in our orginization.
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 65

Expert Comment

by:Mestha
ID: 24338676
Have you looked at the certificate that comes up? See what it is issued to?

Simon.
0
 

Expert Comment

by:pkftx_IT
ID: 24496481
In our case, the users who got this message were using "open these additional mailboxes" with a mailbox that no longer existed. The message was not widespread.

However, in researching this issue, I found this Microsoft knowledge base article: http://support.microsoft.com/kb/940726.
0
 

Expert Comment

by:pkftx_IT
ID: 24714829
In other cases, our users who had not been viewing additional mailboxes would not receive this prompt after we went to Send\Receive in Outlook 2007, Download Address Book.., choose Global Address List, and clicked Ok.
0
 

Author Comment

by:CJ27
ID: 25345738

"Have you looked at the certificate that comes up? See what it is issued to?"

Yes, the name is different which I suspect is the problem. But, How would I fix this?

0
 
LVL 65

Accepted Solution

by:
Mestha earned 250 total points
ID: 25349737
If the certificate hasn't been setup correctly then it can cause problems.
You need to verify
a - whether the certificate is the one installed on your server
b - whether the certificate is a single name or SAN/UC certificate.
To check the second object, browse to the site, then look at the certificate through IE. On the Details tab, look through the fields for a line "Subject Alternative Name". If that exists then it is a UC certificate. If it does not then it is a single name certificate.

SSL certificates are a major pain point for Exchange 2007 deployments at the best of times, so undoing a bad SSL certificate installation can be troublesome.

Simon.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now