[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

RPC over HTTP error Certificate chain could not be built. You may be missing required intermediate certificates

Posted on 2009-12-23
3
Medium Priority
?
1,489 Views
Last Modified: 2012-05-08
Hi Guys,
I've enabled RPC over HTTP on a new Exchange 2007 installed into an SBS2003 domain on a new server 2008 box. I have created a SAN certificate and have added the Autodiscover entry to DNS. I have also exported and installed the ROOT certificate to a PC but cannot connect via RPC over HTTP. I have checked the URL's etc and these seem fine.
I have ran the Exchange connectivity tool and i get the following:

Testing SSL Certificate for validity.
  The SSL Certificate failed one or more certificate validation checks.
   Test Steps
   Validating certificate name
  Successfully validated the certificate name
   Additional Details
  Found hostname OWA.CSCIENCES.CO.UK in Certificate Subject Common name  
 
 Validating certificate trust
  Certificate trust validation failed
   Additional Details
  Certificate chain could not be built. You may be missing required intermediate certificates.  
 
 I installed the certificate from the Exchange 2007 server but do i need anything from the SBS2003 (DC) box as well ?

Thanks
 
0
Comment
Question by:Netexperts
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
BrianKronberg earned 2000 total points
ID: 26113822
The tool will not work if you are using an certificate created on your own certificate authority.  I am assuming this because you said you had to import the root on the PC.  Think about it, the "tester" on the web does not have the root.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 26118457
That makes sense however after installing the cert to a test machine it keeps coming up with 'connection to microsoft exchange is unavailable' . It allows me to enter domain\username and password so am i correct in thinking it is actually connecting ?
0
 
LVL 1

Author Closing Comment

by:Netexperts
ID: 31669484
Thanks,

For any readers info i have also just found out that Outlook Anywhere won't work with self signed certs and so that is where the problems lied.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Exchange administrators are always vigilant about Exchange crashes and disasters that are possible any time. It is quite essential to identify the symptoms of a possible Exchange issue and be prepared with a proper recovery plan. There are multiple…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Suggested Courses
Course of the Month19 days, 5 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question