We help IT Professionals succeed at work.
Get Started

SBS 2011 Exchange activesync/autodiscover SSL problem

2,676 Views
Last Modified: 2012-05-11
I just migrated from sbs2003 to sbs2011 and I'm having autodiscover issues with my outlook over http.  OWA works fine and local email works fine, but when any user tries to access their outlook over http, they get an autodiscover.domain.com certificate error.  When I viewed the certificate, it isn't the right certificate for my network.  It shows the CN name of website associated with the domain instead of my remote.domain.com.  Below is the textexchange log:




      Connectivity Test Successful
 
Test Details
      Attempting the Autodiscover and Exchange ActiveSync test (if requested).
       Autodiscover was successfully tested for Exchange ActiveSync.
       
      Test Steps
       
      Attempting each method of contacting the Autodiscover service.
       The Autodiscover service was tested successfully.
       
      Test Steps
       
      Attempting to test potential Autodiscover URL https://samcc.org/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Test Steps
       
      Attempting to resolve the host name samcc.org in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host samcc.org to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host name samcc.org doesn't match any name found on the server certificate CN=new.thebelfordgroup.com, OU=Domain Control Validated, O=new.thebelfordgroup.com.

      Attempting to test potential Autodiscover URL https://autodiscover.samcc.org/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Test Steps
       
      Attempting to resolve the host name autodiscover.samcc.org in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host autodiscover.samcc.org to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      Validating the certificate name.
       Certificate name validation failed.
        Tell me more about this issue and how to resolve it
       
      Additional Details
      Attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.
       
      Test Steps
       
      Attempting to resolve the host name autodiscover.samcc.org in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 80 on host autodiscover.samcc.org to ensure it's listening and open.
       The port was opened successfully.
      ExRCA is checking the host autodiscover.samcc.org for an HTTP redirect to the Autodiscover service.
       ExRCA failed to get an HTTP redirect response for Autodiscover.
       
      Additional Details
       A Web exception occurred because an HTTP 404 - NotFound response was received from IIS6.
      Attempting to contact the Autodiscover service using the DNS SRV redirect method.
       ExRCA successfully contacted the Autodiscover service using the DNS SRV redirect method.
       
      Test Steps

I bolded the two portions of this log that I think are relevent.

I have created a SRV record in my public dns as well.  For some reason outlook over http is using this goofy certificate.  How do I make it use the correct one?
Comment
Watch Question
Commented:
This problem has been solved!
Unlock 1 Answer and 7 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE