Solved

Outlook 2007/2010 Keeps asking for Equifax certificate

Posted on 2010-09-06
6
1,283 Views
Last Modified: 2012-05-10
I have installed a UCC certificate into Exchnage 2010. OWA works fine. when I use Outlook Anywhare connecting to my mail with RPC/HTTP, I keep getting a reuest to trust a certifcate and import. When I do the import it says that it was sucessfull, however the next ime I use outlook anywher the same issues happems. See JPG
1.jpg
2.jpg
0
Comment
Question by:PaulMcDonogh1
  • 3
6 Comments
 
LVL 8

Accepted Solution

by:
pvlier earned 500 total points
ID: 33612282
Hi, as you can see on your posted images the certificate is issued to '*.wadns.net'. When outlook connects to your server is uses the 'autodiscover''  feature to collect information about your server. The autodiscover URL is set to 'autodiscover.smms.ac.za'. This name is not on the certificate (*.wadns.net) and therefore you get an error that the certificate is found but the name is not correct.
If this is an UCC certificate then you should be able to add alternative names to the certificate. Add 'autodiscover.smms.ac.za' to your certificate, install this new certificate and the error will go away.
Otherwise here are other options for your situation (scenario 4):
http://technet.microsoft.com/en-us/library/bb332063(EXCHG.80).aspx
0
 

Author Comment

by:PaulMcDonogh1
ID: 33957451
No luck closing
0
 
LVL 8

Expert Comment

by:pvlier
ID: 33959162
Did you understand what I posted? This is a name-on-the-certificate-problem where the name on the certificate doesn't match the domainname that it is installed on. The proof is in the screenshots.
0
 
LVL 8

Expert Comment

by:pvlier
ID: 33973424
Please let me know if the problem still exists. You have multiple options to fix this problem, depending on the server(s) configuration. You need to make sure the correct name exists on the certificate (you can have a certificate with multiple names) or redirect the autodiscover in dns to the correct server so outlook can see it needs to validate another name. Both options can fix the problem. I would go with the first option and purchase a multi-domainname-certificate (called UCC) because that is the most accepted solution for devices like phones, handhelds, etc
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchannge third party certificate 3 52
Ubuntu 14 with Apache 7 74
Reducing the size of certificate chain 2 64
Ways to assess https/ssl websites 3 87
We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now