Outlook 2007 Cert/RPC over HTTP issue

Posted on 2010-09-20
Last Modified: 2012-05-10
The sales team at a client’s company are using RPC over HTTP in outlook 2007 to connect to their emails from home. In outlook 2003 this always has and still does work fine. However they are now getting a certificate error (attached)
The interesting this is this is only happening in this version of outlook for machines that are attached to the corporate domain. If the machine is in a workgroup there is no issue.
The MSSTD proxy is set to the CN of the certificate but still we are getting errors. Short of turning the proxy feature off within exchange I am out of ideas. Any help would be much appreciated.
 Certificate Error
Question by:lil_dan
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
LVL 26

Expert Comment

ID: 33716747

Author Comment

ID: 33716820 is working from the internet and internally, im not sure you are meant to hit a page when browsing to rpcproxy.dll are you?

Author Comment

ID: 33716865
Actually when browsing the dll it prompts for a username and password and authenticates successfully using corporate username and pw combination - both internet and internal.  
Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

LVL 32

Expert Comment

ID: 33717267
LVL 26

Expert Comment

ID: 33718550
Just curious, if you run
Set-OutlookProvider -Identity EXPR none

Note: its not $null but none and try to repair the OL2k7 profiles ...then test against the exchange server

Author Comment

ID: 33723512
The results from the article are as follows

Get-ExchangeCertificate | where { $_.Services.ToString(
).Contains("IIS") -eq $true } | fl Cert*

CertificateDomains : {,}
CertificateRequest :

Get-ClientAccessServer uklonsvrex1 | fl AutoDiscoverSer

AutoDiscoverServiceInternalUri :

Get-WebServicesVirtualDirectory | fl *Url

InternalNLBBypassUrl :
InternalUrl          :
ExternalUrl          :

Get-OabVirtualDirectory | fl *Url

InternalUrl :
ExternalUrl :

Get-AutodiscoverVirtualDirectory | fl *Url

InternalUrl :
ExternalUrl :

Get-OutlookAnywhere | fl External*

ExternalHostname :

Unfortunatley the Set-OutlookProvider -Identity EXPR none

Set-OutlookProvider : A parameter cannot be found that matches parameter name '
At line:1 char:20
+ Set-OutlookProvider  <<<< -Identity EXPR none

and Set-OutlookProvider -Identity EXPR returns

WARNING: The command completed successfully but no settings of 'EXPR' have been

either way its not working still. Thanks for your help so far - any further assistance would be really appreciated! :)

LVL 32

Expert Comment

ID: 33724047
you need to update your oab vdir

set-oabvirtualdirectory oab* -InternalUrl
LVL 32

Accepted Solution

endital1097 earned 500 total points
ID: 33724061
also post the results from
get-outlookprovider expr | fl

server and certprincipalname should both be blank
if either are not run

set-outlookprovider expr -server $null -certprincipalname $null

Author Comment

ID: 33724586
@endital1097 - Should the cert pincipal name not be that of the cert with a prefix of msstd: ?
This means i can tick the "only connect to proxy servers with this principal name" box in outlook, ensuring the security of the connection does it not?
LVL 32

Expert Comment

ID: 33735252
no, this certprincipalname value should be blank except for a few circumstances
your configuration does not require a value

Author Closing Comment

ID: 33754306
The solution is a work around that fixes the problem - the issue is it allows people to connect without selecting SSL proxy settings within outlook, which in turn creates a security risk. However if you are looking for quick fix this definitely works.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question