Exchange 2010 SSL/Cert question - local Outlook issue

We have deployed an Exchange 2010 server in our existing Exchange 2003 Organization.  A while back, we changed our company name.  Our domain is old.local, however our new public domain is  I have a single Exchange Server with HT, CAS, and MB roles.  All health checks/etc are good.  I installed a cert for to enable active sync and OWA.

When we moved a couple guinea pigs last week, Outlook began throwing up errors due to the cert not correlating to the local netbios name of the server.  The cert is for however the internal server's name is mail.old.local.  I followed the info here and made these changes, while of course making the names accurate:

    Set-ClientAccessServer -Identity "mbx1" –AutodiscoverServiceInternalURI https://nlb.nwtraders.msft/autodiscover/autodiscover.xml

    Set-WebServicesVirtualDirectory -Identity "mbx1\EWS (Default Web Site)" –InternalUrl  https://nlb.nwtraders.msft/EWS/Exchange.asmx

    Set-OABVirtualDirectory -Identity “mbx1\OAB (Default Web Site)” -InternalURL https://nlb.nwtraders.msft/OAB

     Enable-OutlookAnywhere -Server mbx1 -ExternalHostname “nlb.nwtraders.msft” -ClientAuthenticationMethod “NTLM”

    Set-ActiveSyncVirtualDirectory -Identity “mbx1\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://nlb.nwtraders.msft/Microsoft-Server-Activesync

Plenty of hell ensued.  We had users unable to email internally, and weird things happening like the famous "Sent emails hanging in drafts" folders.  The only way we were able to fix things was to:

1.  Uninstall the Cert to remove the Outlook cert warnings/etc.
2.  Rerun the commands above and setting everything back to how Exchange initially configured itself.

I obviously need to deploy an SSL cert soon, however a secondary CAS server just for Active Sync/OWA isn't an option.  How can I configure the 2010 server so:

1.  External clients access
2.  Internal clients via Outlook access mail.old.local and don't receive the cert warning

Thank you for any assistance!  
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.


You need to put new url name in new created certificate.
wylde342Author Commented:

Not sure if you missed it, but that's exactly what I did.  The problem is the url does not correlate to the internal netbios name, hence the Outlook security warnings.  The certificate was for, however Outlook was connecting to mail.old.local, hence the warnings.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wylde342Author Commented:
solved on my own
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.