Solved

Outlook Certificate Security Error

Posted on 2011-09-21
6
342 Views
Last Modified: 2012-05-12
I have a client that is running Exchange 2010.  Recently, several users have ported to Outlook 2010, and we have started getting several security errors about certificates.  Most of these I have been able to bypass by installing the certificates from the server on the local workstations, but there is one error that eludes me.  I am getting the error that "the name on the security certificate is invalid or does not match the name of the site."  When I view the certificate, it is for an AD domain that used to be on the other side of our site-to-site VPN, but that no longer exists.  If I try installing the certificate, it appears to succeed, but the next time I open Outlook, the same security error reappears.  Does anyone have any possible fixes?

TIA!
0
Comment
Question by:MasterComputing
6 Comments
 
LVL 9

Expert Comment

by:davealford
ID: 36574466
The 'name' on the certificate has to be the same as is entered into Outlook proxy settings URL and principle name for proxy server -

Certificate name - remote.mydomain.com
https://remote.mydomain.com
Principle name - msstd:remote.mydomain.com

 
0
 
LVL 4

Expert Comment

by:ctc1900
ID: 36576942
You most likely upgraded from Outlook 2000/2003 to 2010. If that's the case, you need to verify the Exchange 2010

http://www.msexchange.org/articles_tutorials/exchange-server-2010/management-administration/exchange-autodiscover.html
0
 

Author Comment

by:MasterComputing
ID: 36587538
This was a fresh install of Outlook 2010 - there were no prior versions installed.  I tried working through the steps in the above article, but when I entered the Set- commands, I just got a blinking cursor.  Perhaps a better question would be this - is there any way I can just get rid of that certificate, since the domain is no longer active?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 36915176
For Exchange 2010 (and 2007) you would be best advised to purchase a SAN / UCC SSL certificate with the following names included:

mail.externaldomain.com (or whatever you prefer)
autodiscover.externaldomain.com
internalservername.internaldomainname.local
internalservername

If you install a certificate with the above names then you will stop getting certificate prompts / errors and all aspects of Exchange will work, with the exception of Autodiscover, where you will have to add an A record in External DNS that points to the IP Address of your Exchange 2010 server.

GoDaddy are about the cheapest place to buy an SSL cert from (about $60 for a year), but a GoDaddy Reseller account is slightly cheaper.

Did you buy a SAN certificate or are you using the built-in one that Exchange provides?
0
 

Author Closing Comment

by:MasterComputing
ID: 37006653
Buying an SSL cert solved the problem.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question