troubleshooting Question

Exchange 2007 SSL Problem with Domain Name

Avatar of Kevin Gibbs
Kevin Gibbs asked on
ExchangeSSL / HTTPS
26 Comments2 Solutions860 ViewsLast Modified:
Hey everyone.  Here is my situation.  I have inherited supporting a network where they named the internal domain the name of aaa.com.  I have an exchange 2007 server on this internal domain that I am trying to install an SSL cert on.  The machine name is computer.aaa.com.  Here is the problem.  The brilliant minds that created this internal domain, named it a domain we do not own!  Therefore, I can't get a cert validated and approved on aaa.com.  We don't own it!!  

The external domain name is something totally different yyy.com.  We own that and I am able to get an SSL to secure those names.  The problem is I am getting this error in my event log constantly.

Microsoft Exchange could not find a certificate that contains the domain name mail.yyy.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector SMTP with a FQDN parameter of mail.yyy.com. If the connector's FQDN is not specified, the computer's FQDN (computername.aaa.com) is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

The problem is that my email is heading out the door with my internal computer domain name computername.aaa.com.  That fails every time on Reverse DNS checks.  

I can't get an SSL to match our internal domain name.  I really, really, really can't rename the internal domain, so I have to find a way to make this work.   Can anyone offer any suggestions that I can try?
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 26 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 26 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros