Solved

Exchange 2010 / Outlook 2010 CA issue with selfsigned certificate

Posted on 2011-03-13
7
1,097 Views
Last Modified: 2012-05-11
Hi all,

I have recently installed Exchage 2010 and now it's saying that root ca is not authorized.

I have generated a new certificate with all the SAN names using the selfsigned service however it's still showing up that it's not authorized CA.

We as this is going to be used for internal only we are not looking to purchase any 3rd party certificate.

Could anyone kindly place me into the right direction?
0
Comment
Question by:lucifer82
7 Comments
 
LVL 22

Expert Comment

by:chakko
ID: 35125384

have you tried to import the self signed SSL into the user's computer?

Import the SSL into the Trusted Root Certification Authorities store.
0
 
LVL 7

Author Comment

by:lucifer82
ID: 35125608
I wanted to avoid doing that.

I have previoiusly done this with exchange 2007 and office 2007 without in need to install the root ca I was able to avoid all the pop up I get in Office
0
 
LVL 22

Accepted Solution

by:
chakko earned 500 total points
ID: 35125724

I read somewhere that in Outlook 2010 they changed it.  In Outlook 2007 it would skip some SSL validation process which stopped pop-ups for self signed SSL.  

http://blogs.msexchange.org/walther/2010/05/18/certificate-warning-when-using-self-signed-exchange-certficate-and-outlook-2010/

0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 31

Expert Comment

by:MegaNuk3
ID: 35125983
Why not install your own Enterprise CA, that way all domain joined clients will trust it?
0
 
LVL 32

Expert Comment

by:endital1097
ID: 35127779
A self signed certificate will never be valid when viewed
Outlook 2007 and later clients will ignore the self-signed cert when using SCP
0
 
LVL 7

Author Comment

by:lucifer82
ID: 35128817
I thought about placing the own Enterprise CA but we don't have any Enterprise 2008.

It would totally make sense that Office 2010 made the change because the setting is exactly the same with exchange 2007 and it doesn't give me any error what so ever.
0
 
LVL 7

Author Closing Comment

by:lucifer82
ID: 35153097
We end up purchasing the certificate but thank you for the information on office 2010.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now