Solved

Hosted Exchange SSL issues

Posted on 2011-02-21
9
626 Views
Last Modified: 2012-06-27
I'm using Microsoft's BPOS for hosted Exchange and have many users that just use the OWA interface.  Rather than go to red001.mail.microsoftonline.com, I setup a CNAME, mail.domainname.com to point to that address.

My problem is that when the user uses the mail.domainname.com, they get a certificate error.  If the user goes to red001.mail.microsoftonline.com, then no certificate error.  I called Microsoft a few times and they said they couldn't help me.

I would like to continue using the mail.domainname.com as it is much easier for the users to remember.  Any ideas?
0
Comment
Question by:SupermanTB
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 34945630
Since the SSL certificate is issued to the domain, you would need a certificate that validated against  mail.domainname.com as well as mail.microsoftonline.com.
0
 

Author Comment

by:SupermanTB
ID: 34945646
That's what I figured.  Given the hosted exchange, I'm not sure where I would install the SSL certificate
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 250 total points
ID: 34945654
It would have to be on the machine hosting Exchange.  The folks at MicrosoftOnline should be able to help you out.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:SupermanTB
ID: 34945663
Is that typically the way this is handled with hosted Exchange?  When I mentioned that to the Microsoft techs, they had no clue what I was talking about.
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 34945697
I don't see any other way, though it may be the expect to host the domain name for you.  That may cost extra so they may be steering you in that direction.  Since they're the host, they get to make the rules.  

You could try bringing the issue up with your salesperson.  That person may have the answers already.
0
 
LVL 1

Expert Comment

by:shabbirj
ID: 34945700

The solutions is that you can buy a SSL cert, then go to IIS on the server where the OWA role is installed and import it in
after that you can create a basic web page with your domain name and hyperlink it to the red001.mail.microsoftonline.com
I have done this and it works fine
0
 

Author Comment

by:SupermanTB
ID: 34945859
Forgive me if I'm misunderstanding you, but since this is hosted Exchange, I have no access to the server where the OWA role is installed.  Not sure how I would be able to do that.
0
 
LVL 1

Assisted Solution

by:shabbirj
shabbirj earned 250 total points
ID: 34945926
The Simple solution is to create a single web page with your Domain info and a log in
button in the log in button on the HTML page embed the link

https://red001.mail.microsoftonline.com/owa/auth/logon.aspx?url=https://red001.mail.microsoftonline.com/owa/&reason=0

The user will browse to your domain page  eg. mail.yourdomain.com
then wen they click on the button they will be redirected to the above link
0
 

Author Comment

by:SupermanTB
ID: 34946078
Ahhh, very clever.  That will work.  Thanks.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Suggested Courses
Course of the Month8 days, 20 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question