Improve company productivity with a Business Account.Sign Up

x
?
Solved

Certificate SAN Mismatch

Posted on 2010-11-25
6
Medium Priority
?
3,073 Views
Last Modified: 2012-05-10
Ran BPS on an Exchagne 2010 running on W2008R2 after installing Exchange 2010 SP1

Get one critical error that is Certificate SAN mismatch

The subject alternative name (SAN) of SSL certificate for https://mail.domain.com/ews/exchange.asmx does not appear to match the host address. Host address: mail.domain.com. Current SAN: DNS Name=W2008R2, DNS Name=W2008R2.domain.com.

I have an "outside DNS A record for mail.domain.com and a reverse dns record to use mail.domain.com

The certificate is self issued.

Thanks

0
Comment
Question by:911bob
  • 3
  • 3
6 Comments
 
LVL 10

Accepted Solution

by:
dhruvarajp earned 2000 total points
ID: 34214152
you need to obtain a SAN/UCC certifacate from certificate vendor or from a internal CA if you have any
the certificate should have following subject names

1. mail.yourdomain.com
2.FQDN of your exch server
3. autodiscover.yourdomain.com
4.netbios name of your exch server

the self signed cert is not UCC / SAN that why you got this error.
0
 

Author Comment

by:911bob
ID: 34214162
Will it hurst not to have an outside Cert?
0
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 34214180
that really depends on your exchange usage. if you have remote users like
iphone or outlook anywhere that connect to exchange using outlook on internet they will not be be able to connect

domain users will work seamlessly if you do not have outside cert
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:911bob
ID: 34214239
I have 1 iPhone user and a couple that use OWA, but when they get the Cert Warning, I tell them to ignore and click through..

Its a non-profit charity so they want to spend as little as possible..
0
 
LVL 10

Expert Comment

by:dhruvarajp
ID: 34214286
ok. then you will just go by what you have...
you can select BPA to not to report this warning again
0
 

Author Closing Comment

by:911bob
ID: 34214293
Thanks for your info.. and fast..
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

You can use the network upload option and the Office 365 Import service to bulk-import PST files to user mailboxes. Network upload means that you upload the PST files a temporary storage area in the Microsoft cloud.
Microsoft has decided to launch the Exchange Server 2019 this year for its on-premise users. What’s new now Microsoft is going to serve its users? How good is it going to be on the current Exchange Server 2016? This blog is going to answer all queri…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…

585 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question