Solved

Certification error connecting Outlook 2007/10 to Exchange 2007.

Posted on 2010-11-15
3
777 Views
Last Modified: 2012-08-13
Following on from another post i made:
HERE

I am having an issue with a certification error between my Outlook Clients and Exchange Server.

I enabled a purchased 3rd party UCC Certificate through Exchange Powershell to allow http over RPC from external. My initial problem was that I did not add all of the required alt names to my first cert. Now everything is working (external clients, OWA) but outlook clients are getting a certificate error on initial connection on our internal network.

The error is telling me that "the name on the security certificate is invalid or does not match the name of the site" and the site to which it is trying to cennect is "Sites"

Sites is a cname that SBS puts into DNS to resolve to it's IIS applications (e.g. http://sites/owa). I dont know why Outlook is coming back with this eror (it should be retrieving data from servername.domain.local, which is an alt name on my certificate).

I have even tried deleting my outlook profile and re-connecting to clear out any links that I may have previously created.

Any ideas why Outlook would connect to sites and get this error??

Outlook Certificate Error
0
Comment
Question by:noooodlez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 26

Expert Comment

by:e_aravind
ID: 34136004
Outlook uses the Exchnage and IIS to *fully* connect
For the autodiscover,EWS this will try using the cert. on the IIS

You could try configuring the URLs for the Autodiscover, EWS to see if you can avoid this warning
0
 
LVL 26

Accepted Solution

by:
e_aravind earned 500 total points
ID: 34136011
Security warning when you start Outlook 2007 and then connect to a mailbox that is hosted on a server that is running Exchange Server 2007 or Exchange Server 2010: "The name of the security certificate is invalid or does not match the name of the site"
http://support.microsoft.com/kb/940726
0
 

Author Comment

by:noooodlez
ID: 34136885
Hi, Cheers for getting back to me.

Sounds like the one. I have checked the locations of the XML files and they are valid URLs when I replace mail.contoso.com with the netbios name of the server.

Now I need to know how to configure. The kb article suggests I use mail.domain.com (the name on my certificate). If I use this internally I think I would need to either updated the hosts file or DNS!?

Should I use the netbios name (simpler config) or the mail.domain.com, and make that resolve to the exchange server nic? Will the netbios name cause problems further down the line?

Is there any way I can back up this config in case I need to revert back?

Many Thanks.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question