Solved

Certificate SAN Mismatch

Posted on 2010-11-25
6
2,822 Views
Last Modified: 2012-05-10
Ran BPS on an Exchagne 2010 running on W2008R2 after installing Exchange 2010 SP1

Get one critical error that is Certificate SAN mismatch

The subject alternative name (SAN) of SSL certificate for https://mail.domain.com/ews/exchange.asmx does not appear to match the host address. Host address: mail.domain.com. Current SAN: DNS Name=W2008R2, DNS Name=W2008R2.domain.com.

I have an "outside DNS A record for mail.domain.com and a reverse dns record to use mail.domain.com

The certificate is self issued.

Thanks

0
Comment
Question by:911bob
  • 3
  • 3
6 Comments
 
LVL 10

Accepted Solution

by:
dhruvarajp earned 500 total points
ID: 34214152
you need to obtain a SAN/UCC certifacate from certificate vendor or from a internal CA if you have any
the certificate should have following subject names

1. mail.yourdomain.com
2.FQDN of your exch server
3. autodiscover.yourdomain.com
4.netbios name of your exch server

the self signed cert is not UCC / SAN that why you got this error.
0
 

Author Comment

by:911bob
ID: 34214162
Will it hurst not to have an outside Cert?
0
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 34214180
that really depends on your exchange usage. if you have remote users like
iphone or outlook anywhere that connect to exchange using outlook on internet they will not be be able to connect

domain users will work seamlessly if you do not have outside cert
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 

Author Comment

by:911bob
ID: 34214239
I have 1 iPhone user and a couple that use OWA, but when they get the Cert Warning, I tell them to ignore and click through..

Its a non-profit charity so they want to spend as little as possible..
0
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 34214286
ok. then you will just go by what you have...
you can select BPA to not to report this warning again
0
 

Author Closing Comment

by:911bob
ID: 34214293
Thanks for your info.. and fast..
0

Featured Post

Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This video discusses moving either the default database or any database to a new volume.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now