SSL certificate in Exchange 2010

I have just installed a new certificate from Network solutions in my new Exchange 2010 server.  Now my outlook web access works perfectly with the certificate address of https://mail.appxxxx.com.  Unfortunately, my email server has a FQDN of appexchange2.appxxxxxx.local.  When my users open outlook inside the firewall, they get a certificate error that the name on the certificate is invalid or does not match the name of the site.  This security alert comes up every time you open Outlook and you have to click on Yes, I want to proceed twice even if I install the certificate.  Is there a way of suppressing this or did I do something wrong to cause this?
bbonnerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Glen KnightCommented:
You need to have a SAN/UCC certificate with the following names:

owa.domainname.com (your Outlook Web Access URL)
autodiscover.domainname.com (where domainname.com is the part after the @ in your email address)
servername.domainname.local (the fully qualified internal domain name of your server)
SERVERNAME (the netbios name of your server)
0
bbonnerAuthor Commented:
Sorry, I think you need to dumb down your answer a little for me or give me a little more information.  I don't understand what you are saying or what I should do next.
0
Glen KnightCommented:
When you buy SSL certificates you need to buy a SAN also refered to as a UCC certificate with the names I specified above.

If you use the New certificate wizard it should do all this for you.

Once you have installed these the prompts with certificate errors will stop.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

bbonnerAuthor Commented:
I believe I did do this.  I did use the certificate wizard to send in the cert to Network Solutions then again to install them.  How can I check what I have done so I can send you screen shots or more information as to what I have done already?
0
Glen KnightCommented:
When you open the oWA click the certificate icon and then select view certificate, under the details there is an entry (sorry I cannot remember what it's called and I am sat on a trainstation platform at the moment) and it gives you all the names in the certificate.
0
bbonnerAuthor Commented:
I received 4 files from Network Solutions and I only installed one of them.  I install the one for mail.appxxxxxxx.com.  The other 3 files are AddTrustExternalCARoot, NetworkSolutions_CA, and UTNAddTrustServer_CA.  The wizard did not ask me for any of those.  Would one of those fix my problem?
0
bbonnerAuthor Commented:
Did you give up on me?  I still need to get rid of that message in Outlook.  I am unable to figure out what to do with what you have given me.
0
Alan HardistyCo-OwnerCommented:
Demazter has been on a training course since Monday  - I am sure he will pop back up again shortly.
0
seb_ackerCommented:
hello

if you have only one name in your certificate, you will have to launch the following commands

Get-OABVirtualDirectory  | Set-OABVirtualDirectory -externalurl https://mail.appxxx.com/OAB -internalurl https://mail.appxxx.com/OAB -RequireSSL:$true
Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -internalurl https://mail.appxxx.com/EWS/Exchange.asmx  -externalurl https://mail.appxxx.com/EWS/Exchange.asmx -BasicAuthentication:$True

Get-CLientAccessserver | Set-ClientAccessServer -AutodiscoverServiceInternalUri https://mail.appxxx.com/autodiscover/autodiscover.xml

and restart IIS
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bbonnerAuthor Commented:
You are a true genius!  This worked and was very easy.  Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.