Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Outlook 2010 \ Exchange 2010 Security Alert Message

Posted on 2011-09-15
11
Medium Priority
?
343 Views
Last Modified: 2012-08-14
Experts,

Need your help! We just added 2010 Exchange and now getting Security Alerts on clients with Outlook 2010. How do we fixed this? Do we need a cert? Or can this be fixed without one?

Outlook 2010 Alert Message
0
Comment
Question by:occredit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 36545717
This is certificate related and you would be best advised to buy one.  You will need a SAN / UCC (Multi-Name) SSL Cert (minimum 5 names) and you will need to include the following names in the Certificate:

mail.externaldomain.com (or whatever you choose to use)
autodiscover.externaldomain.com
internalservername.internaldomain.local
internalservername

Once installed, the errors will go away and things like Activesync / OWA will be happy and won't complain one little bit.

GoDaddy are about the cheapest.

Alan
0
 

Author Comment

by:occredit
ID: 36545747
Will a CSR required? Also, how do we install the cert? Our CAS server is windows 2008 R2.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36545786
Yes - you need to generate a CSR for Exchange to be able to order a certificate.  Run the Wizard in the Exchange Management Console> Server Configuration and make sure you end up with all the names I have suggested at the end of the wizard before you proceed.

Then copy / paste the contents of the CSR into your SSL Cert site, wait for them to approve the cert, download it and then import / enable the certificate using the Exchange Management Shell using these commands:

Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\PathToCertificate\IssuedCert.cer -Encoding byte -ReadCount 0))

Get-ExchangeCertificate

Copy / paste the Thumbprint from the cert you installed above and replace the Thumbprint in the command below

Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services POP,IMAP,SMTP,IIS

Job done - sit back and enjoy a Certificate Error Free life (until Cert renewal time)!!
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 5

Expert Comment

by:warddhooghe
ID: 36545811
If you dont have budget for it, you can also install (trust) the probably self signed certificate on the client:
http://support.microsoft.com/kb/2006728/en-us
0
 

Author Comment

by:occredit
ID: 36545843
Thanks for the prompt replies and suggestions. Once we get the Cert, we'll give it a try.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36545848
No probs - here if you need me.
0
 

Author Comment

by:occredit
ID: 36545937
Question on the CSR. The wizard only allow one domain name (common name) how do we generate for multiple domains?
0
 

Author Comment

by:occredit
ID: 36545956
I meant mutiple names.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36545981
You don't need to generate one for multiple domain names.

You can host multiple domain names with Exchange with just a 5-name SSL certificate and have everything work happily.

Setup an Autodiscover A record for your Primary Domain name (or an SRV record pointing to a name in your SSL cert e.g., mail.domaina.com) and then setup an SRV record for all the other domain names and point the SRV record to mail.domaina.com and there won't be any complaints.  I do this myself and it works like a charm :)
0
 

Author Closing Comment

by:occredit
ID: 36712045
Got a Multiple Domain (UCC) SSL up to 5 domains from Go Daddy and it worked!

Thanks for the help.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36712258
Excellent - thanks for the points.

Alan
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outlook for dependable use in a very small business   This article is about using the Outlook application (part of Microsoft Office) in a very small business, or for homeowners where dependability and reliability are critical requirements. This …
Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question