?
Solved

Outlook 2010 SSL Certificate Alert

Posted on 2011-10-11
4
Medium Priority
?
1,100 Views
Last Modified: 2012-05-12
We recently installed an SSL certificate on our Exchange 2010 server issued by GoDaddy. However, we are getting the Security Alert popup when Outlook is opened.

The error that pops up when you open Outlook is:

"Security Alert

VM-Exchange.mydomain.com

Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate.

(Green Checkmark) The security certificate is from a trusted certifying authority.

(Green Checkmark) The security certificate date is valid.

(Red X) The name of the security certificate is invalid or does match the name of the site."

The certificate is for mail.mydomain.com, but we added a subject alternate name for the name of the local server and also for autodiscover.mydomain.com.

However, it says it's connecting to VM-Exchange.mydomain.com, whereas we have it just as VM-Exchange, not the FQDN.

You can just click yes and ignore the error, but it pops up every time Outlook is launched. When I click on View Certificate and go to the Details tab, I can see under Subject Alternate Names that VM-Exchange is listed.

My thinking is the error is popping up because Outlook is connecting to VM-Exchange.mydomain.com and we have it added only as VM-Exchange. My colleague says this isn't the problem, but I want another opinion.

Any advice would be helpful.

Thanks.
0
Comment
Question by:Gratisites
  • 2
4 Comments
 
LVL 3

Accepted Solution

by:
stanley_stars earned 1000 total points
ID: 36950330
I think you are right.. it's trying to hit the FQDN for VM-Exchange.company.com
Is that for your UM server or something else?

For the cost of adding the FQDN SAN to the cert from GoDaddy.. I would just add it in and verify if that fixes it. If it doesn't you're out like $20?
0
 

Author Comment

by:Gratisites
ID: 36950406
VM-Exchange is just running Exchange with the mailbox, hub transport and client access roles, we aren't using UM yet.

It should just be a matter of rekeying the cert on GoDaddy and adding it to Exchange again. Shouldn't cost anything.
0
 
LVL 16

Assisted Solution

by:Madan Sharma
Madan Sharma earned 1000 total points
ID: 36960276
you are only getting this certificate error on opening of outlook while your owa is working fine with the certificate.
This is because Exchange2010 require the a certificate for following
autodiscover.yourdomain.com
owa.yourdomain.com or your owa name
your domain FQDN
last one can be compromise but above two are highly required SAN certificate. you can issue a single certificate with multiple subjact alternative name.
Finally you need to buy a certificate with multiple SAN to escape from this issue. you can easily create multiple SAN certificate request by using exchange certificate wizard..
0
 

Author Comment

by:Gratisites
ID: 36963726
Adding the SAN for vm-exchange.domain.com on GoDaddy and rekeying the cert worked. No more errors in Outlook.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month16 days, 8 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question