Error SSL certificat prompt in Outlook - Exchange 2010

Hello everyone,

I encountered a problem with SSL certificat.

I've just bought a SAN SSL certificate to protect all my external domain.
But I have now a prompt in my local domain on Outlook saying my certificate is note valide for this URL.
My Outlook client in local are connected to the Exchange server (srv-exchange.masociete.net).
Does I abligatory need to add the name of my Exchange server in the SAN ssl certificate or is there a workeround to use the generated certificate just for OWA, ActiveSync and Outlook Anywhere connection ?

Thanks in advance for your answers.

Damien
dbrenotAsked:
Who is Participating?
 
MAS (MVE)Technical Department HeadCommented:
Here is the full commands

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-clientAccessServer | fl Name,AutoDiscoverServiceInternalUri

Name                           : HUB1
AutoDiscoverServiceInternalUri : https://hub1.domain.com/Autodiscover/Autodiscover.xml
Set-ClientAccessServer -Identity hub1 -AutoDiscoverServiceInternalUri "https://mail.domain.com/autodiscover/autodiscover.xml"
================================================================================

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-AutodiscoverVirtualDirectory | fl Name,internalurl,externalurl

Name        : Autodiscover (Default Web Site)
InternalUrl :
ExternalUrl :

================================================================================
Offline Address Book

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-OabVirtualDirectory |  fl Server,Name,internalurl,externalurl

Server      : HUB1
Name        : OAB (Default Web Site)
InternalUrl : http://hub1.domain.com/OAB ExternalUrl :

Set-OabVirtualDirectory -Identity "hub1\oab (default web site)" -InternalUrl https://mail.domain.com/oab -ExternalUrl https://mail.domain.com/oab
================================================================================

[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-UMVirtualDirectory | fl Name,Server,Internalurl,externalurl

Name        : UnifiedMessaging (Default Web Site)
Server      : HUB1
InternalUrl : https://hub1.domain.com/UnifiedMessaging/Service.asmx
ExternalUrl :

set-UMVirtualDirectory -Identity "hub1\UnifiedMessaging (Default Web Site)" -InternalUrl https://mail.domain.com/UnifiedMessaging/Service.asmx -ExternalUrl https://mail.domain.com/UnifiedMessaging/Service.asmx

============================================================================================
EWS:
[PS] C:\Documents and Settings\Administrator.UICDOMAIN>Get-WebServicesVirtualDir
ectory | fl name,internalurl,externalurl

Name        : EWS (Default Web Site)
InternalUrl : https://hub1.domain.com/EWS/Exchange.asmx
ExternalUrl :

set-WebservicesVirtualDirectory -Identity "hub1\EWS (default web site)" -InternalUrl https://mail.domain.com/EWS/Exchange.asmx -ExternalUrl https://mail.domain.com/EWS/Exchange.asmx

===============================================================================

0
 
MAS (MVE)Technical Department HeadCommented:
you should have these names in your certificate
1. mail.external-domain-name.com
2.autodiscover.domain.com
3.exch-servername.domain.com

Please check this
http://exchangeserverpro.com/configure-an-ssl-certificate-for-exchange-server-2010
http://technet.microsoft.com/en-us/library/dd351044.aspx
0
 
dbrenotAuthor Commented:
thanks but the problem is my internal domain name was created with windows NT 4 and is like masociete.net and I've not bought the domain masociete.net.

Could I change the internal URL used by Outlook client to connect to Exchange ?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
dbrenotAuthor Commented:
Could I use the command line get-clientaccessserver | fl *uri* and set-clientaccessserver -AutoDiscoverServiceInternalUri to change the URL to point to the URL in my certificate ?

0
 
setasoujiroCommented:
you can do this from the EMC, give exchange 2007/2010.
You should indeed set your internal URLS to the same as the External, and have all the right internal dns records to resolve these.
0
 
MAS (MVE)Technical Department HeadCommented:

Change domain.com it to your external domain name.
0
 
MAS (MVE)Technical Department HeadCommented:
you make both internal and external the same
0
 
MAS (MVE)Technical Department HeadCommented:
Apart from that Why you keep windows NT,
Install windows2003/2008 server and promote it a domain controller and transfer all  FSMO roles.

Then change the DNS IP in the exchange server and restart and run command  'setup.com /prepareAD'

Cheers
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.