Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Outlook 2010 \ Exchange 2010 Security Alert Message

Posted on 2011-09-15
11
Medium Priority
?
344 Views
Last Modified: 2012-08-14
Experts,

Need your help! We just added 2010 Exchange and now getting Security Alerts on clients with Outlook 2010. How do we fixed this? Do we need a cert? Or can this be fixed without one?

Outlook 2010 Alert Message
0
Comment
Question by:occredit
  • 5
  • 5
11 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 36545717
This is certificate related and you would be best advised to buy one.  You will need a SAN / UCC (Multi-Name) SSL Cert (minimum 5 names) and you will need to include the following names in the Certificate:

mail.externaldomain.com (or whatever you choose to use)
autodiscover.externaldomain.com
internalservername.internaldomain.local
internalservername

Once installed, the errors will go away and things like Activesync / OWA will be happy and won't complain one little bit.

GoDaddy are about the cheapest.

Alan
0
 

Author Comment

by:occredit
ID: 36545747
Will a CSR required? Also, how do we install the cert? Our CAS server is windows 2008 R2.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36545786
Yes - you need to generate a CSR for Exchange to be able to order a certificate.  Run the Wizard in the Exchange Management Console> Server Configuration and make sure you end up with all the names I have suggested at the end of the wizard before you proceed.

Then copy / paste the contents of the CSR into your SSL Cert site, wait for them to approve the cert, download it and then import / enable the certificate using the Exchange Management Shell using these commands:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\PathToCertificate\IssuedCert.cer -Encoding byte -ReadCount 0))

Get-ExchangeCertificate

Copy / paste the Thumbprint from the cert you installed above and replace the Thumbprint in the command below

Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services POP,IMAP,SMTP,IIS

Job done - sit back and enjoy a Certificate Error Free life (until Cert renewal time)!!
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 5

Expert Comment

by:warddhooghe
ID: 36545811
If you dont have budget for it, you can also install (trust) the probably self signed certificate on the client:
http://support.microsoft.com/kb/2006728/en-us
0
 

Author Comment

by:occredit
ID: 36545843
Thanks for the prompt replies and suggestions. Once we get the Cert, we'll give it a try.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36545848
No probs - here if you need me.
0
 

Author Comment

by:occredit
ID: 36545937
Question on the CSR. The wizard only allow one domain name (common name) how do we generate for multiple domains?
0
 

Author Comment

by:occredit
ID: 36545956
I meant mutiple names.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36545981
You don't need to generate one for multiple domain names.

You can host multiple domain names with Exchange with just a 5-name SSL certificate and have everything work happily.

Setup an Autodiscover A record for your Primary Domain name (or an SRV record pointing to a name in your SSL cert e.g., mail.domaina.com) and then setup an SRV record for all the other domain names and point the SRV record to mail.domaina.com and there won't be any complaints.  I do this myself and it works like a charm :)
0
 

Author Closing Comment

by:occredit
ID: 36712045
Got a Multiple Domain (UCC) SSL up to 5 domains from Go Daddy and it worked!

Thanks for the help.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36712258
Excellent - thanks for the points.

Alan
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month11 days, 23 hours left to enroll

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question