SBS2008 - autodiscover.abc.co.uk - invalid certificate
Finished installing sbs2008 standard server. domain: ABC
Ran setup your internet address: abc.co.uk
Ran add a trust certificate: which found remote.abc.co.uk
Join win XP SP3 PC to its domain. Web browser > http://connect
Login as user, open up Outlook 2007. It finds exchange, but then requests that I login to remote.abc.co.uk - I click cancel and it brings up a popup autodiscover.abc.co.uk with a invalid certificate with 3 x's saying the certificate is invalid. I click view certificate and it says
Issued to: plesk
issued by: plesk
date: 2006-2007
Tried \\abcserver\public\downloa
issued to: abc-abcserver-ca
When I reboot and open up outlook again - it still finds the plesk one?
Any thoughts?
I havent installed any 3rd party certificates
Any thoughts
Ran setup your internet address: abc.co.uk
Ran add a trust certificate: which found remote.abc.co.uk
Join win XP SP3 PC to its domain. Web browser > http://connect
Login as user, open up Outlook 2007. It finds exchange, but then requests that I login to remote.abc.co.uk - I click cancel and it brings up a popup autodiscover.abc.co.uk with a invalid certificate with 3 x's saying the certificate is invalid. I click view certificate and it says
Issued to: plesk
issued by: plesk
date: 2006-2007
Tried \\abcserver\public\downloa
issued to: abc-abcserver-ca
When I reboot and open up outlook again - it still finds the plesk one?
Any thoughts?
I havent installed any 3rd party certificates
Any thoughts
Cliff Galiher
Was this SBS server installed into an existing domain? Plesk certificates are certainly not part of a standard SBS install, so that certificate came from *somewhere.*
ASKER
ASKER
@cqaliher.
SBS Server was installed yesterday, no upgrade - fresh install.
The plesk possibly coming from the client PC I am using?
How can I get it to use the certificate from the server and replace the plesk?
EXAMPLE2.JPG
SBS Server was installed yesterday, no upgrade - fresh install.
The plesk possibly coming from the client PC I am using?
How can I get it to use the certificate from the server and replace the plesk?
EXAMPLE2.JPG
No, tat certificate is coming from *a* server. May not be your SBS server. If you have a wildcard DNS record on your public hosted DNS service, remove it. Wildcard A records wreak havoc with Outlook/Exchange Autodiscover services.
ASKER
What about this?
http://www.smallbizserver.net/Forums/tabid/53/aff/104/afv/topic/aft/110529/mid/366/dnnprintmode/true/Default.aspx?skinsrc=%5BG%5DSkins%2F_default%2FNo+Skin&containersrc=%5BG%5DContainers%2F_default%2FNo+Container
At the bottom it states:
" I had a *.mydomain.com record in DNS that forwarded all queries for non existent domains to the IP of the main website. That means that whenever Outlook would query for autodiscover.mydomain.com or any of it's other default queries, it would be sent to the IP of the main website. Once there, the default behavior of my shared hosting account is to present the SSL certificate for the domain's control panel, Plesk, whenever a certificate is requested. I removed the * record and waited for DNS to propogate and flushed my local cache and it appears that everything is working now!
http://www.smallbizserver.net/Forums/tabid/53/aff/104/afv/topic/aft/110529/mid/366/dnnprintmode/true/Default.aspx?skinsrc=%5BG%5DSkins%2F_default%2FNo+Skin&containersrc=%5BG%5DContainers%2F_default%2FNo+Container
At the bottom it states:
" I had a *.mydomain.com record in DNS that forwarded all queries for non existent domains to the IP of the main website. That means that whenever Outlook would query for autodiscover.mydomain.com or any of it's other default queries, it would be sent to the IP of the main website. Once there, the default behavior of my shared hosting account is to present the SSL certificate for the domain's control panel, Plesk, whenever a certificate is requested. I removed the * record and waited for DNS to propogate and flushed my local cache and it appears that everything is working now!
that "*.mydomain.com" record IS a wildcard DNS record as I had previously mentioned. As I said, wildcard DNS records should not be used when Outlook/Exchange Autodiscover is in play.
ASKER
@No, tat certificate is coming from *a* server. May not be your SBS server. If you have a wildcard DNS record on your public hosted DNS service, remove it. Wildcard A records wreak havoc with Outlook/Exchange Autodiscover services.
How can I go about removing this?
How can I go about removing this?
I would suggest this is something to do with your ISP and maybe they are using some plesk control panel for example.
>>"I had a *.mydomain.com record in DNS that forwarded all queries for non existent domains to the IP of the main website"
Why are you doing this?
My recommendation would be to run the internet address wizard fromt he SBS Console.
Select "i already have a domain name" and then click next
then select "I want to manage the domain name myself"
then complete the wizard.
Is your internal domain name the same as your external website domain name?
>>"I had a *.mydomain.com record in DNS that forwarded all queries for non existent domains to the IP of the main website"
Why are you doing this?
My recommendation would be to run the internet address wizard fromt he SBS Console.
Select "i already have a domain name" and then click next
then select "I want to manage the domain name myself"
then complete the wizard.
Is your internal domain name the same as your external website domain name?
ASKER
Yes the hosting company that host my domain have plesk control panel, what steps should I take?
Is your internal domain name the same as your external website domain name?
How is your internal DNS configured?
Can you open the DNS console, what forward lookup zones do you have configured?
How is your internal DNS configured?
Can you open the DNS console, what forward lookup zones do you have configured?
ASKER
Hi demazter
Internal domain: abc
External: abc.co.uk
I have made no changes to DNS, all is the same as a default install. What changes do I need to make?
Internal domain: abc
External: abc.co.uk
I have made no changes to DNS, all is the same as a default install. What changes do I need to make?
is the internal abc.local?
You shouldn't need to make any changes to a default install if it's been configured correctly.
You shouldn't need to make any changes to a default install if it's been configured correctly.
ASKER
yes, abc.local
Then I ran internet connection management and used abc.co.uk
The only place where plesk certificates reside, is on the hosting company of abc.co.uk.
Outlook autodiscovery looks for remote.abc.co.uk
Then I ran internet connection management and used abc.co.uk
The only place where plesk certificates reside, is on the hosting company of abc.co.uk.
Outlook autodiscovery looks for remote.abc.co.uk
so from a client if you run the following from a command prompt what do you get:
ping autodiscover.abc.co.uk
ping autodiscover.abc.co.uk
ASKER
If I ping autodiscover.abc.co.uk I get a responce from my web hosting companys dns IP.
If I ping remote.abc.co.uk I get a response from my server IP.
If I ping remote.abc.co.uk I get a response from my server IP.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Cqaliher,
I have moved my hosting of abc.co.uk to a local domain host, which are available soon as I need them, will let you know what happens.
Hopefully it will resolve any wildcards.
I have moved my hosting of abc.co.uk to a local domain host, which are available soon as I need them, will let you know what happens.
Hopefully it will resolve any wildcards.
ASKER
Moved the hosting of the domain, I think it was the SP3 update that did it. Thanks for your hlpe and advise.