Link to home
Start Free TrialLog in
Avatar of Majo2469
Majo2469Flag for United States of America

asked on

MS Outlook keeps prompting to accept certificate

We recently installed an SSL certificate from GoDaddy to resolve the external issues with our Outlook Web Access. However, now internally it keeps asking users (several times) if they want to proceed. I have had the users install the certificate, but the issue persists. I think I may have accidently tried to install that certificate in to the local domain for that server in IIS. Can anyone tell me how to resolve this issue.

Thanks!
Avatar of Paul MacDonald
Paul MacDonald
Flag of United States of America image

I'm guessing name resolution is different for people outside the network than inside.  That is, outside they hit owa.external.com and inside they hit owa.internal.com or something.  The SSL certificate isn't mapped to the internal URL so your browser is warning you the certificate may be bad.
Avatar of Majo2469

ASKER

Great, how do I resolve this?
Either have your users connect to the URL the certificate was issued for (owa.external.com), get another certificate for the internal URL, or have users connect internally using a non-HTTPS URL.  One last option would be to generate your own certificate, but that's so much work I wouldn't even consider it.
On your internal DNS server (Your AD Server)  create a new record or zone for the external.com namespace....then create a owa.external.com and point this to the local IP
I think I miscommunicated something. Internally we use the Outlook Client - Externally we use OWA. When they open MS Outlook the error is presented
I wouldn't mess around with creating another cert...you can create a new DNS zone in a minute or two.   Then just flush the dns and test.
ASKER CERTIFIED SOLUTION
Avatar of Rick Fee
Rick Fee
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
"I think I may have accidently tried to install that certificate in to the local domain for that server in IIS."
Hmm.  This shouldn't have any effect on Outlook.  Are you using IMAP or POP internally?
IMAP (native Outlook Client)
EndureKona - THANK YOU THANK YOU THANK YOU!!!

You identified the issue, and your solution worked PERFECTLY.

YOU ARE TRULY AN EXPERT!!!


(I do appreciate all answers)