Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2010 - The name on the security certificate is invalid...

Posted on 2011-09-20
4
Medium Priority
?
966 Views
Last Modified: 2012-05-12
So there is a lot of information about this and I did some research before posting because I was getting confused, so decided to post my own question to get some specific help.  

So, we had an Exchange 2003 server, upgraded to 2010.  We host internally and have OWA setup.  Purchased a certificate from godaddy for the domain and installed, everything is working fine for the OWA.  

Most machines have Outlook 2010, at first when Outlook was opened I users were receiving 2 of the Security Alerts (the name on the security certificate is invalid...).  So I did some research and should I should run the following commands in EMS:

Set-ClientAccessServer -Identity CAS1 -AutodiscoverServiceInternalUri https://webmail.mycompany.com/autodiscover/autodiscover.xml
 
Set-WebServicesVirtualDirectory -Identity “CAS1\EWS (Default Web Site)” -InternalUrl https://webmail.mycompany.com/ews/exchange.asmx 

Set-OABVirtualDirectory -Identity “CAS1\oab (Default Web Site)” -InternalUrl https://webmail.mycompany.com/oab
 
Set-UMVirtualDirectory -Identity “CAS1\unifiedmessaging (Default Web Site)” -InternalUrl https://webmail.mycompany.com/unifiedmessaging/service.asmx

I ran the first 3 without issue, fourth one would not run, after research, seems like that is only for Exchange 2007.  Ok, so now I only receive 1 of the Security Alerts when I open Outlook.  

Here is also more information that is needed.  When the Security alert pops up when Outlook is opened, the domain at the top is:  exchange_server_name.domain.com

When I click on view certificate the issued to piece shows:  webmail.domain.com

So I am pretty sure that is where the problem is?  Just not sure the exact steps to fix this?  As always all help is appreciated...
0
Comment
Question by:teamorange
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Expert Comment

by:Govvy
ID: 36566913
I believe you will need subject alternate names (SAN) on the certificate
0
 

Author Comment

by:teamorange
ID: 36567244
Is that something that is done through Godaddy where I purchased the certificate?  Do I need to purchase another one?

Are they any other options?
0
 
LVL 13

Accepted Solution

by:
Govvy earned 2000 total points
ID: 36567297
You'll need a new cert with each subdomain configured as a SAN
0
 
LVL 3

Expert Comment

by:jabri007
ID: 36577911
Hello,

How did you requested the certificate initially because you can do it from Exchange 2010 server itself

Refer: http://technet.microsoft.com/en-us/library/dd351057.aspx

ideally in a certificate you need the following DNS Names

1. OWA Common Name with External domain name
2. Autodiscover.<external domain name>
4, CAS Array name (optional)
0

Featured Post

[Webinar] Protection from Cyberattacks

In this session, we’ll dive into the complexities of modern cyber threats and why only multi-vector protection can keep today’s businesses secure through the various stages of a cyberattack, across multiple vectors. Thursday September 14, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question