There is a problem with this website's security certificate.
whenever i Open my webmail.domain.com, it is giving me this page:
There is a problem with this website's security certificate.
The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.
We recommend that you close this webpage and do not continue to this website.
Click here to close this webpage.
Continue to this website (not recommended).
More information
can you please advise?
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
There is a problem with this website's security certificate.
The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.
We recommend that you close this webpage and do not continue to this website.
Click here to close this webpage.
Continue to this website (not recommended).
More information
can you please advise?
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
you need buy trasted certificate or if you have own PKI, publish certificate with SAN (subject alternative name) - webmail.domain.com.
What is your exchange version?
What is your exchange version?
ASKER
how i will check?
ASKER
my exchange is 2003 on windows 2003 server
When you get to the website - you should see a Red Shield in the top right-hand corner displaying "Certificate Error". If you click on the shield, you can the click on View Certificate.
On the screen you see next, it will tell you name that the certificate was issued to.
On the screen you see next, it will tell you name that the certificate was issued to.
click - Continue to this website (not recommended). - in IE address line there is castle. click on it - view certificates - datail tab - take a look at
Subject (CN=bla-bla) and Subject Alternatives Name (if you have now SAN then you will not see it)
Subject (CN=bla-bla) and Subject Alternatives Name (if you have now SAN then you will not see it)
ASKER
it is saying issued by exchange
issued to exchange
and date from 2007-2009
issued to exchange
and date from 2007-2009
it's a long story...
But you can start from here:
http://www.msexchange.org/tutorials/Creating-Certificate-OWA2003-SelfSSL.html
PS: as i and alanhardisty sad above the best way for you buy trusted third party SSL certificate
But you can start from here:
http://www.msexchange.org/tutorials/Creating-Certificate-OWA2003-SelfSSL.html
PS: as i and alanhardisty sad above the best way for you buy trusted third party SSL certificate
ASKER
you mean I have to buy it or something I can download and install?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sir i have to buy for this or this is free?
Are you runnin gon a Small Business Server or have you got Windows 2003 with Exchange 2003?
If you have Small Business Server, you can re-run the Connect to the Internet Wizard and generate a brand new certificate in moments, otherwise, you would be better off long-term visiting somewhere like GoDaddy and buying a $40 certificate to correct this problem. If you also use HTTPs over RPC and Activesync to connect Outlook to your server and Mobile Phones to have their mail pushed, this will save you heaps of time and hassle.
If you have Small Business Server, you can re-run the Connect to the Internet Wizard and generate a brand new certificate in moments, otherwise, you would be better off long-term visiting somewhere like GoDaddy and buying a $40 certificate to correct this problem. If you also use HTTPs over RPC and Activesync to connect Outlook to your server and Mobile Phones to have their mail pushed, this will save you heaps of time and hassle.
There are two ways: FREE and NOT FREE
If you will not buy SSL certificate, then you need to do
1. all steps in article above
2. install certificate on all client computers that will be use OWA.
If you will buy it your client will not need to install SSL certificate.
If you will not buy SSL certificate, then you need to do
1. all steps in article above
2. install certificate on all client computers that will be use OWA.
If you will buy it your client will not need to install SSL certificate.
ASKER
actualy I am running a small business,I have windows 2003 with exchange 2003, and I have Iphone 3 G syn with exchange, but can i can do it for free ?please advise if it is free i will do it otherwise no need to waste time.
It is important to get this correct. There is a package called Windows 2003 Small Business Server. If you lock the server - when you see the logo on the screen, does it say Windows Server 2003 for Small Business Server?
If not, then you do not have Small Business Server and you need to follow shreedhar's advice / link.
If not, then you do not have Small Business Server and you need to follow shreedhar's advice / link.
ASKER
actualy this windows 2003 standerd edtion,
ASKER
the shreedhar's advise/link , is something ew have to pay or for free?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
AlanHardisty has a point , check the details on the self signed certificate. But I have found that a 3rd party certificate is the best way to go, you can purchase these from godaddy or digicert.com
ASKER
DO you want the detials of the previous certifcate installed?
No need for us to know this.
Wrong solution accepted - please close differently.
ASKER
what is the accpetd solution?
Request for attention raised.
ASKER
sorry for that but I thought the 3d party certificate is the answer
ASKER
Sir refering to shredhar advise, i will create it on exchange and every user outside the company has to install the certifcate in his pc ?
You need to accept the solution from the Expert who provided you the answer initially, not someone who came along and concurred with the other Experts.
Please re-close this question differently accepting one or more Expert's comments as the solution / assisted solution.
Please re-close this question differently accepting one or more Expert's comments as the solution / assisted solution.
ASKER
how i can do it/
ASKER
how to change the acceted solution sir?
If you are not sure - wait for a moderator to re-open the question and then re-close it differently.
Have a read through all the comments when you re-close please, and see who gave you the answer that you followed and also allocate any points to anyone who you felt assisted you in resolving your problem.
As Experts on Experts Exchange - all we get from doing this voluntarily is the Points you allocate (and the ocassional T-Shirt when we get a certain number of points), so if you allocate them carefully, then the participating Experts will be rewarded for their time and effort accordingly.
Have a read through all the comments when you re-close please, and see who gave you the answer that you followed and also allocate any points to anyone who you felt assisted you in resolving your problem.
As Experts on Experts Exchange - all we get from doing this voluntarily is the Points you allocate (and the ocassional T-Shirt when we get a certain number of points), so if you allocate them carefully, then the participating Experts will be rewarded for their time and effort accordingly.
Thanks _alias99.
Alan
Alan
ASKER
ok
Thanks i_harfoush - I was not expecting anything there, so thanks for the points.
Hope you get the problem resolved quickly.
Alan
Hope you get the problem resolved quickly.
Alan
ASKER
I will use shreed advise and install it,
but if my users open their webmail from new pc they have to install the certificate right>?
but if my users open their webmail from new pc they have to install the certificate right>?
No - not via webmail.
They can use Webmail without installing the certificate - but to lose the error, you would have to install it.
If you buy a certificate - no installations necessary.
If you buy a certificate - no installations necessary.
:) i_harfoush my link was the same (comment ID: 28974991). Why you choose second? )
PS: nevermind...
PS: nevermind...
ASKER
Sir I got your point
my users are opening webmail.domain.com , they are getting error certificate,
so if i follow shreed advise and install the certificate , each user opens webmail.domain.com, the error will appear until he click install the certificate and store it on his pc.
but if i buy it for 40 $
no need for any installation on the user side and the error will disappear, right sir?
my users are opening webmail.domain.com , they are getting error certificate,
so if i follow shreed advise and install the certificate , each user opens webmail.domain.com, the error will appear until he click install the certificate and store it on his pc.
but if i buy it for 40 $
no need for any installation on the user side and the error will disappear, right sir?
yes. correct! )
If you buy and install a Trusted 3rd Party SSL certificate, then you won't get thrown an error every time.
Does the name on the certificate match the name of the website you are using to access webmail from? Presumably it does not have webmail.domain.com on the certificate.