Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Certificate SAN Mismatch

Posted on 2010-11-25
6
2,885 Views
Last Modified: 2012-05-10
Ran BPS on an Exchagne 2010 running on W2008R2 after installing Exchange 2010 SP1

Get one critical error that is Certificate SAN mismatch

The subject alternative name (SAN) of SSL certificate for https://mail.domain.com/ews/exchange.asmx does not appear to match the host address. Host address: mail.domain.com. Current SAN: DNS Name=W2008R2, DNS Name=W2008R2.domain.com.

I have an "outside DNS A record for mail.domain.com and a reverse dns record to use mail.domain.com

The certificate is self issued.

Thanks

0
Comment
Question by:911bob
  • 3
  • 3
6 Comments
 
LVL 10

Accepted Solution

by:
dhruvarajp earned 500 total points
ID: 34214152
you need to obtain a SAN/UCC certifacate from certificate vendor or from a internal CA if you have any
the certificate should have following subject names

1. mail.yourdomain.com
2.FQDN of your exch server
3. autodiscover.yourdomain.com
4.netbios name of your exch server

the self signed cert is not UCC / SAN that why you got this error.
0
 

Author Comment

by:911bob
ID: 34214162
Will it hurst not to have an outside Cert?
0
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 34214180
that really depends on your exchange usage. if you have remote users like
iphone or outlook anywhere that connect to exchange using outlook on internet they will not be be able to connect

domain users will work seamlessly if you do not have outside cert
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:911bob
ID: 34214239
I have 1 iPhone user and a couple that use OWA, but when they get the Cert Warning, I tell them to ignore and click through..

Its a non-profit charity so they want to spend as little as possible..
0
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 34214286
ok. then you will just go by what you have...
you can select BPA to not to report this warning again
0
 

Author Closing Comment

by:911bob
ID: 34214293
Thanks for your info.. and fast..
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question