Exchange 2010 Single Cert conflicts with host and autodiscover

We have two 2010 servers. is the internal CAS/DB server; is a CAS server that faces the internet.  EXCHANGE has a self-signed cert as; EXCHANGEFE has regular SSL cert named  

When Outlook profiles are configured, they typically show connection to EXCHANGE and use the self-signed cert with no issue.  

The last few days, there have been instances where users open Outlook and are prompted with a EXCHANGEFE --AND-- AUTODISCOVER cert mis-match because that server only has cert installed.

How can I force all internal users to only go to EXCHANGE CAS server so that the ExchangeFE does not show EXCHANGEFE and AUTODISCOVER cert errors?

Autodiscover is not available via internet.  We have it internal, but I am OK with turning it OFF and requiring manual Outlook profile configuration.
Who is Participating?
pritamshConnect With a Mentor Commented:
Use Same Cert Across organisation.Follow below mentioned article;
You can user same cert for OWA as well as for Autodiscover but make sure you have same subject name for both for eg; OWA URL : and AutoDiscover URl :

If you are using Third party certificate then it will work from internet as well.
tcloudAuthor Commented:
So I need to set the AutoDiscover URI manually, if so ,where?

How do I keep clients from going to  They should go to EXCHANGE or use the OWA cert on the ExchangeFE server.
tcloudAuthor Commented:
You were absolutely right, one of my servers still had the listed when it should have been the for which I have a cert.  THANKS!
All Courses

From novice to tech pro — start learning today.