rburney
asked on
Exchange 2007 SSL cert is not trusted
When my users open up outlook 2007 or 2010 i get the attached error message.
"Security Alert"
"Webmail.nwgmg.com
Information you exchagne with this site cannot be viewed or changed by other. However, there is a problem with the site's security certificate."
"X The application experience and internal error loading the SSL libraries. This site should not be trusted.
If i manually configure outlook it works but i do get this error periodacly. This has been working find for almost a year and suddenly this starts. Any help would be greatly appreciated.
I am runing exchange 2007 and a SSL certificate from Go Daddy.
Thanks,
Ryan Burney
ssl-issue.jpg
"Security Alert"
"Webmail.nwgmg.com
Information you exchagne with this site cannot be viewed or changed by other. However, there is a problem with the site's security certificate."
"X The application experience and internal error loading the SSL libraries. This site should not be trusted.
If i manually configure outlook it works but i do get this error periodacly. This has been working find for almost a year and suddenly this starts. Any help would be greatly appreciated.
I am runing exchange 2007 and a SSL certificate from Go Daddy.
Thanks,
Ryan Burney
ssl-issue.jpg
Please also try test-outlookwebservices | fl and see the errors.
Probably you will get the errors in it, if yes then please paste them here so that we can further help you with. However you can go with the article of shree.... hope it helps you in..
Thanks.
Probably you will get the errors in it, if yes then please paste them here so that we can further help you with. However you can go with the article of shree.... hope it helps you in..
Thanks.
ASKER
v 9mhdrf you are right... What should i do about this?
Id : 1003
Type : Information
Message : About to test AutoDiscover with the e-mail address Administrator@nwgm
g.com.
Id : 1007
Type : Information
Message : Testing server NWGMG-MX.nwgmg.com with the published name https://web
mail.nwgmg.com/ews/exchang e.asmx & https://webmail.nwgmg.com/ews/exch
ange.asmx.
Id : 1019
Type : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
URL on this object is https://webmail.nwgmg.com/autodiscover/autodis
cover.xml.
Id : 1013
Type : Error
Message : When contacting https://webmail.nwgmg.com/autodiscover/autodiscover.x
ml received the error The remote server returned an error: (401) Unau
thorized.
Id : 1006
Type : Error
Message : The Autodiscover service could not be contacted.
Id : 1003
Type : Information
Message : About to test AutoDiscover with the e-mail address Administrator@nwgm
g.com.
Id : 1007
Type : Information
Message : Testing server NWGMG-MX.nwgmg.com with the published name https://web
mail.nwgmg.com/ews/exchang
ange.asmx.
Id : 1019
Type : Information
Message : Found a valid AutoDiscover service connection point. The AutoDiscover
URL on this object is https://webmail.nwgmg.com/autodiscover/autodis
cover.xml.
Id : 1013
Type : Error
Message : When contacting https://webmail.nwgmg.com/autodiscover/autodiscover.x
ml received the error The remote server returned an error: (401) Unau
thorized.
Id : 1006
Type : Error
Message : The Autodiscover service could not be contacted.
ASKER
when i hit the https://webmail.nwgmg.com/autodiscover/autodiscover.xml
this is what i get...
<?xml version="1.0" encoding="utf-8" ?>
- <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
- <Response>
- <Error Time="14:32:36.5710266" Id="1218015928">
<ErrorCode>600</ErrorCode>
<Message>Invalid Request</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
this is what i get...
<?xml version="1.0" encoding="utf-8" ?>
- <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
- <Response>
- <Error Time="14:32:36.5710266" Id="1218015928">
<ErrorCode>600</ErrorCode>
<Message>Invalid Request</Message>
<DebugData />
</Error>
</Response>
</Autodiscover>
Seems like a DNS issue. Maybe you forgot to add the SRV record for Autodiscovery on your DNS. Follow the link below.
http://support.microsoft.com/kb/940881
http://support.microsoft.com/kb/940881
After running test-outlookwebservices | fl and you got 1013 which says 401 Unauthorized, then you have to follow another article.
KB- 896861.
Set the registry value and reboot the server, and also please check the authentication on the IIS manager on the server.
Autodiscover:- Basic+Windows Integrated Authentication + SSL Enabled
EWS:- Windows Integrated Authentication + SSL not required
OAB:- Windows Integrated Authentication + SSL not required
And the one which you are showing after browsing the Autodiscover is a expected behaviour, we should get the following 600 error code, that is absolutely fine.
Please check the above settings and revert back if you have any issues.
KB- 896861.
Set the registry value and reboot the server, and also please check the authentication on the IIS manager on the server.
Autodiscover:- Basic+Windows Integrated Authentication + SSL Enabled
EWS:- Windows Integrated Authentication + SSL not required
OAB:- Windows Integrated Authentication + SSL not required
And the one which you are showing after browsing the Autodiscover is a expected behaviour, we should get the following 600 error code, that is absolutely fine.
Please check the above settings and revert back if you have any issues.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Refer this article:
http://www.networknet.nl/apps/wp/archives/334
Hope this helps,
Shree