Solved

Exchange 2010 - The name on the security certificate is invalid...

Posted on 2011-09-20
4
962 Views
Last Modified: 2012-05-12
So there is a lot of information about this and I did some research before posting because I was getting confused, so decided to post my own question to get some specific help.  

So, we had an Exchange 2003 server, upgraded to 2010.  We host internally and have OWA setup.  Purchased a certificate from godaddy for the domain and installed, everything is working fine for the OWA.  

Most machines have Outlook 2010, at first when Outlook was opened I users were receiving 2 of the Security Alerts (the name on the security certificate is invalid...).  So I did some research and should I should run the following commands in EMS:

Set-ClientAccessServer -Identity CAS1 -AutodiscoverServiceInternalUri https://webmail.mycompany.com/autodiscover/autodiscover.xml
 
Set-WebServicesVirtualDirectory -Identity “CAS1\EWS (Default Web Site)” -InternalUrl https://webmail.mycompany.com/ews/exchange.asmx 

Set-OABVirtualDirectory -Identity “CAS1\oab (Default Web Site)” -InternalUrl https://webmail.mycompany.com/oab
 
Set-UMVirtualDirectory -Identity “CAS1\unifiedmessaging (Default Web Site)” -InternalUrl https://webmail.mycompany.com/unifiedmessaging/service.asmx

I ran the first 3 without issue, fourth one would not run, after research, seems like that is only for Exchange 2007.  Ok, so now I only receive 1 of the Security Alerts when I open Outlook.  

Here is also more information that is needed.  When the Security alert pops up when Outlook is opened, the domain at the top is:  exchange_server_name.domain.com

When I click on view certificate the issued to piece shows:  webmail.domain.com

So I am pretty sure that is where the problem is?  Just not sure the exact steps to fix this?  As always all help is appreciated...
0
Comment
Question by:teamorange
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Expert Comment

by:Govvy
ID: 36566913
I believe you will need subject alternate names (SAN) on the certificate
0
 

Author Comment

by:teamorange
ID: 36567244
Is that something that is done through Godaddy where I purchased the certificate?  Do I need to purchase another one?

Are they any other options?
0
 
LVL 13

Accepted Solution

by:
Govvy earned 500 total points
ID: 36567297
You'll need a new cert with each subdomain configured as a SAN
0
 
LVL 3

Expert Comment

by:jabri007
ID: 36577911
Hello,

How did you requested the certificate initially because you can do it from Exchange 2010 server itself

Refer: http://technet.microsoft.com/en-us/library/dd351057.aspx

ideally in a certificate you need the following DNS Names

1. OWA Common Name with External domain name
2. Autodiscover.<external domain name>
4, CAS Array name (optional)
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question