?
Solved

Server self signed cert expired. I tried to reissue and now OWA does not work!

Posted on 2011-04-22
7
Medium Priority
?
368 Views
Last Modified: 2012-08-14
Customer started receiving the following error when opening outlook 2007 "The name on the security certificate is invalid or does not match the name of the site."

I have never work on self signed certs but gave it a try. Now OWA is not working. I have no idea what is wrong. Please help.....

OWA address: webmail.landtecservices.com
0
Comment
Question by:Jesse2035
  • 4
  • 3
7 Comments
 

Author Comment

by:Jesse2035
ID: 35449876
Is anyone out there?
0
 
LVL 8

Expert Comment

by:praveenkumare_sp
ID: 35450120
i am here the certificate guy :)

Go to Exchange management shell and run the below command

New-ExchangeCertificate -SubjectName "c=US, o=Woodgrove Bank, cn=mail1.woodgrovebank.com" -DomainName mail1.woodgrovebank.com, woodgrovebank.com, example.com, autodiscover.domain.com -PrivateKeyExportable $true

<change the above command and put the urls used by ur users , if ur not sure give me the OWA url, internal domain name, external domain name and i would give u the exact command>

after u do this run
Enable-exchangecertificate -services "iis,smtp.pop.imap" -thumbprint <put the thunbprint u get from the previous command>
0
 

Author Comment

by:Jesse2035
ID: 35459695
@ praveenkumare_sp :

info is as follows....


OWA - webmail.landtecservices.com
internal - landtecservices.local
external - landtecservices.com
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 8

Expert Comment

by:praveenkumare_sp
ID: 35460165
The command is

New-ExchangeCertificate -SubjectName "c=US, o=Landtec Services, cn=webmail.landtecservices.com" -DomainName webmail.landtecservices.com, landtecservices.local
, landtecservices.com, autodiscover.landtecservices.com,FQDN -PrivateKeyExportable $true

Please replace the FQDN  with your exchange server's Fully qualified Domain Name


after u do this run
Enable-exchangecertificate -services "iis,smtp.pop.imap" -thumbprint <put the thunbprint u get from the previous command>

0
 

Author Comment

by:Jesse2035
ID: 35508951
So, when I go to enable the cert with: Enable-exchangecertificate -services "iis,smtp.pop.imap" -thumbprint <put the thunbprint u get from the previous command>  it does not work.

I wound up running the above listed command on the old cert to try and renew it. I deleted the new cert. I am back at square one. I am getting the same warning when opening outlook.
0
 
LVL 8

Accepted Solution

by:
praveenkumare_sp earned 2000 total points
ID: 35509763
Run this command

New-ExchangeCertificate -SubjectName "c=US, o=Landtec Services, cn=webmail.landtecservices.com" -DomainName webmail.landtecservices.com, landtecservices.local
, landtecservices.com, autodiscover.landtecservices.com,FQDN -PrivateKeyExportable $true | Enable-exchangecertificate -services "iis,smtp.pop.imap"



this should work and create a new cert and enable the services

0
 

Author Closing Comment

by:Jesse2035
ID: 36292175
Thank You!
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
Good news! Plesk 12.5 (with update #28 and above) now includes support for HTTP/2. This is a major update to HTTP1.1, which is over 15 years old. Read below to learn how to enable HTTP/2 on your Media Temple DV with Plesk.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question