VillaVerdeAgua
asked on
Certificate on Exchange 2007 OWA causes Security Alert in Outlook 2007
We installed a Network Solutions SSL security certificate to our Exchange Server in order to get rid of the security alert on our OWA connections, and achieved what we set out to do. As a result of the process, however, our Outlook clients now receive a Security Alert when opening Outlook 2007: "The name on the security certificate is invalid or does not match the name of the site." After clicking "Yes" a couple of times in order to proceed, we work fine in Outlook, but it is an extreme annoyance. Hwo do we fix it?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It is not necessary to have a SAN/UCC certificate... If he has already made a purchase of the single name certificate why waste more $$ on SAN/UCC Certs??
I agree that with a single name certificate there is a little more administrative task but then it is a one-time configuration... We can always configure autodiscover using an SRV record in the Public DNS...
apart from that I don't think there are any other modifications to do...
Following 2 simple articles would be better than to waste extra $$$ on a SAN/UCC certificate.
I agree that with a single name certificate there is a little more administrative task but then it is a one-time configuration... We can always configure autodiscover using an SRV record in the Public DNS...
apart from that I don't think there are any other modifications to do...
Following 2 simple articles would be better than to waste extra $$$ on a SAN/UCC certificate.
There are very few public DNS that will allow you to or support the creation of SRV records.
For $60 a year it really is a no brainer. If you start changing settngs that shouldnt be changed you are then moving away from the "standard" and why would you want to?
For $60 a year it really is a no brainer. If you start changing settngs that shouldnt be changed you are then moving away from the "standard" and why would you want to?
ASKER
These answers conflict with each other, but one (or both) is, or will, be the correct answer. Points mostly awarded for pointing us in the right direction. Detailed directions would have merited an A.
Perhaps if you had come back and advised what you were not sure about we could have helped you more?
ASKER
No complaints on this end, demazter. It's just that we haven't uncovered a real solution yet, in light of larger priorities to try your solutions out, and in also in light of EE's typical impatience to slam shut these highly technical Q&As in all haste. My comments were directed toward a "fuzziness" of the answers in relation to our circumstances (for example, telling us to purchase a certificate from one place when it was noted we already had one; or proposing we change our DNS provider, etc), besides it appearing to be unclear that there isn't some angle to correct this problem within Exchange itself. The solutions are good and sound, and are much appreciated.
Apologies that the comments from some of the other experts made things fuzzy, the first comment I provided was correct.
I merely stated your certificate needed to be a SAN/UCC certificate and gave an example of where to get this from because you didn't make it clear if you had one that was a SAN/UCC
It's all moot now anyway.
I merely stated your certificate needed to be a SAN/UCC certificate and gave an example of where to get this from because you didn't make it clear if you had one that was a SAN/UCC
It's all moot now anyway.
They are about $60 per year and it's not worth not doing it, it will cost you more than that in lost time trying to resolve all the issues.