Improve company productivity with a Business Account.Sign Up

x
?
Solved

A certification error when open MS Outlook

Posted on 2009-07-10
5
Medium Priority
?
252 Views
Last Modified: 2012-05-07
This is a newly-installed MS Exchange 2007 server, that was migrated from Exchange 2003. All Outlook also upgraded from 2003 to 2007. Whenever user open the MS Outlook, he/her will see a certificate error. Even if the user select to import the cert, same error will still prompt subsequently.
All the outlook are configured to use Exchange Cache mode in RPC. Any suggestion is welcome.
0
Comment
Question by:Balack
5 Comments
 
LVL 20

Accepted Solution

by:
Rick Fee earned 300 total points
ID: 24820943
Yes this is due to your virtual directories being different that the cert.    

EXCHANGESERVERNAME = Exchange 2007 Server name

exchange.ourcompany.com = whatever your cert is set for on OWA

The Cmdlet fix:

Set-ClientAccessServer -Identity EXCHANGESERVERNAME -AutoDiscoverServiceInternalUri https://exchange.ourcompany.com/Autodiscover/Autodiscover.xml

Set-WebServicesVirtualDirectory -Identity "EXCHANGESERVERNAME\EWS (Default Web Site)" -InternalURL https://exchange.ourcompany.com/EWS/Exchange.asmx -BasicAuthentication:$true

Set-OABVirtualDirectory -Identity "EXCHANGESERVERNAME\OAB (Default Web Site)" -InternalURL https://exchange.ourcompany.com/OAB

Set-ActiveSyncVirtualDirectory -Identity "EXCHANGESERVERNAME\Microsoft-Server-ActiveSync (Default Web Site)" -ExternalURL https://exchange.ourcompany.com/Microsoft-Server-Activesync 


0
 
LVL 13

Assisted Solution

by:lastlostlast
lastlostlast earned 300 total points
ID: 24821586
what is the certificate when you click on view certificate option in the certificate error?

By defauult for your internal clients to connect with Exchange Server, they will connect using the URL set in SCP. Default is https://FQDN/autodiscover/autodiscover.xml

If you are using a single name certificate in the IIS, then you will need to modify the SCP URL as mentioned above.

You can go through KB 940726 for more details.
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 300 total points
ID: 24821695
Ideally you need to change the self generated certificate that Exchange 2007 installs for a commercial SAN/UC certificate. That will allow you to use all of the Exchange 2007 features without certificate prompts.

I have outlined what needs to be done on my web site here:
http://blog.sembee.co.uk/archive/2008/05/30/78.aspx

Simon.
0
 
LVL 7

Assisted Solution

by:aslamsurve
aslamsurve earned 300 total points
ID: 24821979
Check the following......
Warning message when you start Outlook 2007 and then connect to a mailbox that is hosted on an Exchange 2007-based server: "The name of the security certificate is invalid or does not match the name of the site"
http://support.microsoft.com/kb/940726
0
 
LVL 1

Assisted Solution

by:canuc0
canuc0 earned 300 total points
ID: 24822234
Exchange 2007 assigns a self-signed certificate which is valid for a year. As you haven't installed this a year ago, and have recently done a migration, it's most likely an issue with IIS running on the Exchange server.

You can also get some information about your Outlook connectivity by ctrl and right-clicking the Outlook icon in the system tray.

If you use external connectivity, such as OWA, go with Mestha's recommendation of a SAN certificate - it will save you a lot of heartache, both for internal and external issues with certs.
Hope this is helpful,
canuc0
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Are you in the migration process of your Exchange to Exchange Online? Be aware of customized solutions developed on the transport role on your old Exchange server. They might not be convertible to Exchange Online!
Using Granular Exchange Recovery Software to recover specific items from corrupt Exchange mailboxes. With Granular recovery techniques,  repair exchange mailbox and then move single items objects stored in Exchange EDB Files such as emails, contacts…
This video tutorial shows you the steps to go through to set up what I believe to be the best email app on the android platform to read Exchange mail.  Get the app on your phone: The first step is to make sure you have the Samsung Email app on your …
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…

608 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question