Solved

Exchange 2010 / Outlook 2010 CA issue with selfsigned certificate

Posted on 2011-03-13
7
1,103 Views
Last Modified: 2012-05-11
Hi all,

I have recently installed Exchage 2010 and now it's saying that root ca is not authorized.

I have generated a new certificate with all the SAN names using the selfsigned service however it's still showing up that it's not authorized CA.

We as this is going to be used for internal only we are not looking to purchase any 3rd party certificate.

Could anyone kindly place me into the right direction?
0
Comment
Question by:lucifer82
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 22

Expert Comment

by:chakko
ID: 35125384

have you tried to import the self signed SSL into the user's computer?

Import the SSL into the Trusted Root Certification Authorities store.
0
 
LVL 7

Author Comment

by:lucifer82
ID: 35125608
I wanted to avoid doing that.

I have previoiusly done this with exchange 2007 and office 2007 without in need to install the root ca I was able to avoid all the pop up I get in Office
0
 
LVL 22

Accepted Solution

by:
chakko earned 500 total points
ID: 35125724

I read somewhere that in Outlook 2010 they changed it.  In Outlook 2007 it would skip some SSL validation process which stopped pop-ups for self signed SSL.  

http://blogs.msexchange.org/walther/2010/05/18/certificate-warning-when-using-self-signed-exchange-certficate-and-outlook-2010/

0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35125983
Why not install your own Enterprise CA, that way all domain joined clients will trust it?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 35127779
A self signed certificate will never be valid when viewed
Outlook 2007 and later clients will ignore the self-signed cert when using SCP
0
 
LVL 7

Author Comment

by:lucifer82
ID: 35128817
I thought about placing the own Enterprise CA but we don't have any Enterprise 2008.

It would totally make sense that Office 2010 made the change because the setting is exactly the same with exchange 2007 and it doesn't give me any error what so ever.
0
 
LVL 7

Author Closing Comment

by:lucifer82
ID: 35153097
We end up purchasing the certificate but thank you for the information on office 2010.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
When you have clients or friends from around the world, it becomes a challenge to arrange a meeting or effectively manage your time. This is where Outlook's capability to show 2 time zones in one calendar comes in handy.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question