Solved

Exchange 2010 SSL Certificates

Posted on 2011-09-28
22
313 Views
Last Modified: 2012-05-12
I have an SBS 2011 server. I have used the Exchange Management Console to generate an SSL request and followed the Microsoft guidelines. I have rekeyed my existing SSL Cert and imported it into the server.
My Outlook 2010 clients are still getting certificate errors when logging on however. OWA works and Outlook Anywhere works for external users.
There are several Certificates in the Exchange Console now. Is it safe to remove any of them? I am going to reboot in about 1.5 hrs if that will make any difference.

Thanks.
0
Comment
Question by:nealerocks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 10
22 Comments
 
LVL 16

Expert Comment

by:uescomp
ID: 36812947
I guess it depends on what has all been included in the cert, did you include your sbs, and sbs.local etc?
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36812959
I included all the required names as far as I know. The Exchange Wizard seemed to cover everything.
I have got:

mail.domain.com.au
mail.domain.local
autodiscover.domain.com.au
autodiscover.local
servername.local
servername.domain.com.au
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36813173
>>There are several Certificates in the Exchange Console now. Is it safe to remove any of them? I am going to reboot in about 1.5 hrs if that will make any difference.

Yes it is safe, but it is butter to take a backup of them.

Please update us if reboot does not help.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 12

Author Comment

by:nealerocks
ID: 36813285
Reboot didn't help. Users still got the error message.
0
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 500 total points
ID: 36814054
Please try to re-assign services to the certificate from EMC.
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36881168
Reassigned services. Not all users are getting the error message.
It seems not all of them were getting it anyway. Just a few.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36896621
Try to recreate the outlook profile for one of the affected users.
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36901802
Tried creating a new profile for an affected user and the cert error appeared as the account was being set up. It appeared again when I opened Outlook for the first time.
Any other ideas??

Thanks.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36901876
What does the error message show ? name mismatch ?

also please click on the view certificate, does it show the correct certificate ?
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36901900
It shows name mismatch, but I have included at least 5 names on the certificate. Outlook works fine, it is just annoying. Outlook Anywhere works fine also, and there are no certificate errors on OWA.
When I view the cert it looks fine, the issuer is correct.
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36901927
On the top left of the error message, it will show the name of the server which is try to connect to.

what is it ?
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36901943
The server name is mail.domainname.local
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36902395
what is mail.domainname.local ? is it the local server name ?
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36902741
It is the domain name. The name on the certificate is mail.thecompaniesdomainname.com.au
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36902877
are you sure you internal domain is mail.domainname.local ?

hold on shift key and right click on outlook icon in notifications area, connection status. where is outlook connected, to mail.domainname.local  ?
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36902983
the internal domain is just mydomainname.local.
the certificate common name is the external domain name which includes mail
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36902989
the second question please,,, outlook part.
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36903063
Looks like the client is connecting to mail.mydomain.local
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36905105
TCP or http/s ?
0
 
LVL 12

Author Comment

by:nealerocks
ID: 36908019
I have managed to resolve the issue. We had the wrong kind of SSL certificate. It wasn't a UCC. I have purchased the correct cert and ran the SBS wizards again and it is working.
No more error messages.
Thanks for all the help and suggestions!
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36908199
LOL,

You are welcome!
0
 
LVL 12

Author Closing Comment

by:nealerocks
ID: 36914937
You deserve some points for sticking with the question so long.
Thanks!
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question