Error SSL certificat prompt in Outlook - Exchange 2010

Posted on 2011-09-19
Last Modified: 2012-05-12
Hello everyone,

I encountered a problem with SSL certificat.

I've just bought a SAN SSL certificate to protect all my external domain.
But I have now a prompt in my local domain on Outlook saying my certificate is note valide for this URL.
My Outlook client in local are connected to the Exchange server (
Does I abligatory need to add the name of my Exchange server in the SAN ssl certificate or is there a workeround to use the generated certificate just for OWA, ActiveSync and Outlook Anywhere connection ?

Thanks in advance for your answers.

Question by:dbrenot
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
LVL 25

Expert Comment

ID: 36559412
you should have these names in your certificate

Please check this

Author Comment

ID: 36559426
thanks but the problem is my internal domain name was created with windows NT 4 and is like and I've not bought the domain

Could I change the internal URL used by Outlook client to connect to Exchange ?

Author Comment

ID: 36559463
Could I use the command line get-clientaccessserver | fl *uri* and set-clientaccessserver -AutoDiscoverServiceInternalUri to change the URL to point to the URL in my certificate ?

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 25

Accepted Solution

-MAS earned 500 total points
ID: 36559557
Here is the full commands

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-clientAccessServer | fl Name,AutoDiscoverServiceInternalUri

Name                           : HUB1
AutoDiscoverServiceInternalUri :
Set-ClientAccessServer -Identity hub1 -AutoDiscoverServiceInternalUri ""

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-AutodiscoverVirtualDirectory | fl Name,internalurl,externalurl

Name        : Autodiscover (Default Web Site)
InternalUrl :
ExternalUrl :

Offline Address Book

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-OabVirtualDirectory |  fl Server,Name,internalurl,externalurl

Server      : HUB1
Name        : OAB (Default Web Site)
InternalUrl : ExternalUrl :

Set-OabVirtualDirectory -Identity "hub1\oab (default web site)" -InternalUrl -ExternalUrl

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-UMVirtualDirectory | fl Name,Server,Internalurl,externalurl

Name        : UnifiedMessaging (Default Web Site)
Server      : HUB1
InternalUrl :
ExternalUrl :

set-UMVirtualDirectory -Identity "hub1\UnifiedMessaging (Default Web Site)" -InternalUrl -ExternalUrl

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-WebServicesVirtualDir
ectory | fl name,internalurl,externalurl

Name        : EWS (Default Web Site)
InternalUrl :
ExternalUrl :

set-WebservicesVirtualDirectory -Identity "hub1\EWS (default web site)" -InternalUrl -ExternalUrl


LVL 14

Expert Comment

ID: 36559561
you can do this from the EMC, give exchange 2007/2010.
You should indeed set your internal URLS to the same as the External, and have all the right internal dns records to resolve these.
LVL 25

Expert Comment

ID: 36559579

Change it to your external domain name.
LVL 25

Expert Comment

ID: 36559589
you make both internal and external the same
LVL 25

Expert Comment

ID: 36559608
Apart from that Why you keep windows NT,
Install windows2003/2008 server and promote it a domain controller and transfer all  FSMO roles.

Then change the DNS IP in the exchange server and restart and run command  ' /prepareAD'


Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question