?
Solved

Exchange 2010 / Outlook 2010 CA issue with selfsigned certificate

Posted on 2011-03-13
7
Medium Priority
?
1,108 Views
Last Modified: 2012-05-11
Hi all,

I have recently installed Exchage 2010 and now it's saying that root ca is not authorized.

I have generated a new certificate with all the SAN names using the selfsigned service however it's still showing up that it's not authorized CA.

We as this is going to be used for internal only we are not looking to purchase any 3rd party certificate.

Could anyone kindly place me into the right direction?
0
Comment
Question by:lucifer82
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 22

Expert Comment

by:chakko
ID: 35125384

have you tried to import the self signed SSL into the user's computer?

Import the SSL into the Trusted Root Certification Authorities store.
0
 
LVL 7

Author Comment

by:lucifer82
ID: 35125608
I wanted to avoid doing that.

I have previoiusly done this with exchange 2007 and office 2007 without in need to install the root ca I was able to avoid all the pop up I get in Office
0
 
LVL 22

Accepted Solution

by:
chakko earned 2000 total points
ID: 35125724

I read somewhere that in Outlook 2010 they changed it.  In Outlook 2007 it would skip some SSL validation process which stopped pop-ups for self signed SSL.  

http://blogs.msexchange.org/walther/2010/05/18/certificate-warning-when-using-self-signed-exchange-certficate-and-outlook-2010/

0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35125983
Why not install your own Enterprise CA, that way all domain joined clients will trust it?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 35127779
A self signed certificate will never be valid when viewed
Outlook 2007 and later clients will ignore the self-signed cert when using SCP
0
 
LVL 7

Author Comment

by:lucifer82
ID: 35128817
I thought about placing the own Enterprise CA but we don't have any Enterprise 2008.

It would totally make sense that Office 2010 made the change because the setting is exactly the same with exchange 2007 and it doesn't give me any error what so ever.
0
 
LVL 7

Author Closing Comment

by:lucifer82
ID: 35153097
We end up purchasing the certificate but thank you for the information on office 2010.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
Suggested Courses
Course of the Month9 days, 19 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question