There is a problem with this website's security certificate.

whenever i Open my webmail.domain.com, it is giving me this page:
There is a problem with this website's security certificate.
 
   
 The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.


 We recommend that you close this webpage and do not continue to this website.  
  Click here to close this webpage.  
  Continue to this website (not recommended).  
     More information
 
can you please advise?

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.  
i_harfoushAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
If it is a self-signed certificate or has not been setup properly (it has the wrong name), then it will throw up and error.
If you buy and install a Trusted 3rd Party SSL certificate, then you won't get thrown an error every time.
Does the name on the certificate match the name of the website you are using to access webmail from?  Presumably it does not have webmail.domain.com on the certificate.
0
Dmitriy Ilyinsenior system administratorCommented:
you need buy trasted certificate or if you have own PKI, publish certificate with SAN (subject alternative name) -  webmail.domain.com.
What is your exchange version?
0
i_harfoushAuthor Commented:
how i will check?
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

i_harfoushAuthor Commented:
my exchange is 2003 on windows 2003 server
0
Alan HardistyCo-OwnerCommented:
When you get to the website - you should see a Red Shield in the top right-hand corner displaying "Certificate Error".  If you click on the shield, you can the click on View Certificate.
On the screen you see next, it will tell you name that the certificate was issued to.
 
0
Dmitriy Ilyinsenior system administratorCommented:
click - Continue to this website (not recommended). - in IE address line there is castle. click on it - view certificates - datail tab - take a look at
Subject (CN=bla-bla) and Subject Alternatives Name (if you have now SAN then you will not see it)
0
i_harfoushAuthor Commented:
it is saying issued by exchange
issued to exchange
and date from 2007-2009
0
Dmitriy Ilyinsenior system administratorCommented:
it's a long story...
But you can start from here:
http://www.msexchange.org/tutorials/Creating-Certificate-OWA2003-SelfSSL.html

PS: as i and alanhardisty sad above the best way for you buy trusted third party SSL certificate
0
i_harfoushAuthor Commented:
you mean I have to buy it or something I can download and install?
0
Shreedhar EtteCommented:
Hi,

Refer this article tocreate proper certificate:
http://www.msexchange.org/tutorials/Creating-Certificate-OWA2003-SelfSSL.html

I hope this helps,
Shree
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
i_harfoushAuthor Commented:
Sir i have to buy for this or this is free?
0
Alan HardistyCo-OwnerCommented:
Are you runnin gon a Small Business Server or have you got Windows 2003 with Exchange 2003?
If you have Small Business Server, you can re-run the Connect to the Internet Wizard and generate a brand new certificate in moments, otherwise, you would be better off long-term visiting somewhere like GoDaddy and buying a $40 certificate to correct this problem.  If you also use HTTPs over RPC and Activesync  to connect Outlook to your server and Mobile Phones to have their mail pushed, this will save you heaps of time and hassle.
0
Dmitriy Ilyinsenior system administratorCommented:
There are two ways: FREE and NOT FREE
If you will not buy SSL certificate, then you need to do
1. all steps in article above
2. install certificate on all client computers that will be use OWA.

If you will buy it your client will not need to install SSL certificate.
0
i_harfoushAuthor Commented:
actualy I am running a small business,I have windows 2003 with exchange 2003, and I have Iphone 3 G syn with exchange, but can i can do it for free ?please advise if it is free i will do it otherwise no need to waste time.
0
Alan HardistyCo-OwnerCommented:
It is important to get this correct.  There is a package called Windows 2003 Small Business Server.  If you lock the server - when you see the logo on the screen, does it say Windows Server 2003 for Small Business Server?
If not, then you do not have Small Business Server and you need to follow shreedhar's advice / link.
0
i_harfoushAuthor Commented:
actualy this windows 2003 standerd edtion,
0
i_harfoushAuthor Commented:
the shreedhar's advise/link , is something ew have to pay or for free?
0
Alan HardistyCo-OwnerCommented:
Then you have to either follow Shreedhar's advice, or spend $40 and buy one.
Buying one is the better long-term solution IMHO.
www.godaddy.com or my reseller account www.exchange-certificates.com!
0
delmcCommented:
AlanHardisty has a point , check the details on the self signed certificate. But I have found that a 3rd party certificate is the best way to go, you can purchase these from godaddy or digicert.com
0
i_harfoushAuthor Commented:
DO you want the detials of the previous certifcate installed?
0
Alan HardistyCo-OwnerCommented:
No need for us to know this.
0
Alan HardistyCo-OwnerCommented:
Wrong solution accepted - please close differently.
0
i_harfoushAuthor Commented:
what is the accpetd solution?
0
Alan HardistyCo-OwnerCommented:
Request for attention raised.
0
i_harfoushAuthor Commented:
sorry for that but I thought the 3d party certificate is the answer
0
i_harfoushAuthor Commented:
Sir refering to shredhar advise, i will create it on exchange and every user outside the company has to install the certifcate in his pc ?
0
Alan HardistyCo-OwnerCommented:
You need to accept the solution from the Expert who provided you the answer initially, not someone who came along and concurred with the other Experts.
Please re-close this question differently accepting one or more Expert's comments as the solution / assisted solution.
0
i_harfoushAuthor Commented:
how i can do it/
0
i_harfoushAuthor Commented:
how to change the acceted solution sir?
0
Alan HardistyCo-OwnerCommented:
If you are not sure - wait for a moderator to re-open the question and then re-close it differently.
Have a read through all the comments when you re-close please, and see who gave you the answer that you followed and also allocate any points to anyone who you felt assisted you in resolving your problem.
As Experts on Experts Exchange - all we get from doing this voluntarily is the Points you allocate (and the ocassional T-Shirt when we get a certain number of points), so if you allocate them carefully, then the participating Experts will be rewarded for their time and effort accordingly.
0
Alan HardistyCo-OwnerCommented:
Thanks _alias99.
Alan
0
i_harfoushAuthor Commented:
ok
0
Alan HardistyCo-OwnerCommented:
Thanks i_harfoush - I was not expecting anything there, so thanks for the points.
Hope you get the problem resolved quickly.
Alan
0
i_harfoushAuthor Commented:
I will use shreed advise and install it,
but if my users open their webmail from new pc they have to install the certificate right>?
0
Alan HardistyCo-OwnerCommented:
No - not via webmail.
0
Alan HardistyCo-OwnerCommented:
They can use Webmail without installing the certificate - but to lose the error, you would have to install it.
If you buy a certificate - no installations necessary.
0
Dmitriy Ilyinsenior system administratorCommented:
:) i_harfoush my link was the same (comment ID: 28974991). Why you choose second? )

PS: nevermind...
0
i_harfoushAuthor Commented:
Sir I got your point
my users are opening webmail.domain.com , they are getting error certificate,
so if i follow shreed advise and install the certificate , each user opens webmail.domain.com, the error will appear until he click install the certificate and store it on his pc.
but if i buy it for 40 $
no need for any installation on the user side and the error will disappear, right sir?
0
Dmitriy Ilyinsenior system administratorCommented:
yes. correct! )
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.