ffemt968
asked on
Certificate Error when opening outlook
I just installed a new certificatre on my exchange 2007 server and now I have users getting the following error message when opening up outlook 2007:
"Information you exchange with this site cannot be viewed or changed by others however there is a problem with the sites certificate."
I remember there is a way to disable this but I don't remember how.
"Information you exchange with this site cannot be viewed or changed by others however there is a problem with the sites certificate."
I remember there is a way to disable this but I don't remember how.
ASKER
it is a ucc cert and the file attatched has a screen shot
ASKER
Helps if I attach it 
Can you post a screenshot of the View Certificate page?
Hi,
Seems like you don't have the correct names register in SAN of the certificate. What is the users's email address and your domain and if you go the properties of the cert, check what is mentioned under the SAN. {subject alternative name)
Regards,
v-2nas
Seems like you don't have the correct names register in SAN of the certificate. What is the users's email address and your domain and if you go the properties of the cert, check what is mentioned under the SAN. {subject alternative name)
Regards,
v-2nas
ASKER
I blanked out any personal information 
ASKER
Problem is I'm not the one who made the old one and I already got rid of it I know there is a way to make this disappear but I just cant remember
You can do it from the client if the smtp domain is present in the certificate, if these are outlook 2003 clients then CN name on the cert must match smtp domain.
Regards,
v-2nas
Regards,
v-2nas
ASKER
Outlook 2007
what is your smtp domain name [you can give it a random name], you local domain and SAN enteries on the certificate. Go to cert properties, details, under details there will be subject alternative name.
Regards,
v-2nas
Regards,
v-2nas
ASKER
I'm actually not sure
hmm, can you get that info and post later.
ASKER
the email addresses are username@northeastcoating.
I have northeastcoating listed does it need a local one like DOMAIN.SERVERNAME.local?
I have northeastcoating listed does it need a local one like DOMAIN.SERVERNAME.local?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok I do have an autodiscover and I have just notheastcoating.com so I would need
northeastcoating.com.serve
northeastcoating.com.serve
The following records let say your internal domain is private.local and your smtp is private.com then san enteries would be
private.local
autodiscover.private.com [you need to create a dns zone for private.com in your internal windows dns]
mail.private.com [pointing to your internet facing ip nated to cas server this will also be used as host for autodiscover service records]
check this article for correct autodiscover urls published for external access on cas server
http://support.microsoft.com/kb/940726
Regards
v-2nas
private.local
autodiscover.private.com [you need to create a dns zone for private.com in your internal windows dns]
mail.private.com [pointing to your internet facing ip nated to cas server this will also be used as host for autodiscover service records]
check this article for correct autodiscover urls published for external access on cas server
http://support.microsoft.com/kb/940726
Regards
v-2nas
ASKER
so be just going in and putting another SAN on there for .local will not work
what kind of cert is that.? Standard ssl / ucc ssl. The url/smtp domain, is it include in the cert.
If you can put a screenshot of the error that will be helpful
Regards,
v-2nas