Link to home
Create AccountLog in
Avatar of abustraan
abustraan

asked on

Renewed Exchange 2k7 SSL causes Outlook 2k7 Password Prompt

I renewed my SSL UCC certificate and my Self-Signed SSL Certificate for my Exchange Server 2007. Self-Signed expired on 12/25/2010 and my UCC SSL was to expire 12/28/2010.

Now my self signed is valid until 12/26/2015 and my UCC is valid until 12/28/2012.

Since renewing the certificates my Outlook 2007 clients are prompted with a password. However, if they cancel through it, they can still send and recieve email.

When I access their accounts via OWA they work fine and my UCC Certificate is valid.

Is there a way to tell if the self-signed certifcate is causing this problem?
ASKER CERTIFIED SOLUTION
Avatar of abhijitmdp
abhijitmdp
Flag of India image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of abustraan
abustraan

ASKER

Thanks for the prompt response. In reviewing the various links contained in the article and checking the settings described, I haven't found anything that stands out.

I just installed Outlook 2k7 on a new computer. Autodiscovery works exactly as its supposed to. Fills in all the blanks and creates the Outlook account correctly. (Tells me Autodiscovery is configured correctly).

However as the emails start synching to the new computer, I am prompted with <servername>.<domain>.local

I can cancel after 5 attempts and it still sends and recieves email fine. I can also download the Offline Address book without any further prompts.

SOLUTION
Avatar of Shreedhar Ette
Shreedhar Ette
Flag of India image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thanks for the reply. Several of the links refer to Autodiscovery. I've attached a screenshot of an autodiscovery test from one of the affected Outlook 2007 clients.

The address list refers to <myserver>.<mydomain>.local there are no references to <mydomain>.com

I should also note that I have numerous Outlook 2003 clients that aren't affected. I also configured a new cell phone to access my Exchange Server without issue.

In addition, I have installed SP2 prior to this issue.
Outlook2k7-AutodiscoverTest.jpg
I checked the certificate store on one of the 2007 computers and one of the 2003 computers and the self-signed certificate was renewed on the 2003 computer, but didn't exist on the outlook 2007 computer.

I was going to export the self-signed certifcate and noticed that it would not export the key.

If I renewed the self-signed certificate and omitted the ExportKey switch could this be causing my problem?
Update to my query: I set up a new computer from scratch (Win7 Pro) Office 2k7 SP2 Standard. (2) Outlook profiles. One with a general user email account and the other with my Email account.

The Standard User Account prompts for a password, and mine (admin rights) does not.

Hopefully this helps find an answer.

TIA
Issue seems to be resolved. I removed and re-added the "Authenticated Users" group to the permissions of EWS, OWA, and OAB.

No prompts.

Thanks for the prompt attempts to help me.

I'll leave the question open through tomorrow to make sure the problem is entirely resolved.
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thanks R-R for the addition. Everything seems to be fine since I removed and re-added the "Athenticated Users" account to the Virtual Directories in my IIS.

I'll close out this question, and thanks to all of the prompt replies.
A lot of variables and several "pages" of reading. Thanks to everyone for the prompt replies. It's what makes e-e a great resource.