We help IT Professionals succeed at work.

Certificate problem with Outlook 2010 and Exchange 2007

Hi There

I know there are a lot of post for this Problem but nothing helped to resolve the Problem.

Problem:
If you are open Outlook you get a cert error: "The Name on the security certificate is invalid or does not match the name of the site"

I've tried everyting on http://support.microsoft.com/kb/940726 and also onTech Blog.
There is no solution for this problem for me.

Problem is on Outlook 2007 and also on Outlook 2003

Please help me

Thanks
Comment
Watch Question

Viral RathodConsultant

Commented:
Just check your certificate and make sure the name under certificate matches the FQDN (mail.contoso.com).
)

Author

Commented:
Do you maybe have a step-by-step guide for this?

Do not know exactly what you mean.
I've checked the Certificate and i think everithing is ok. But maybe I vchecked the wrong things

Thanks

Commented:
http://www.sslshopper.com/article-installing-an-ssl-certificate-in-windows-server-2008-iis-7.0.html

This link should get you going.  The certificate needs to be applied to the OWA installation.  just be sure that the FQDN on the certificate matches the name of your external URL.

Also note that, being a self-signed certificate, you will need to add it to the trusted certs store on each computer that uses the site so they don't get the error each time they connect.  This can be easily done - even by the end user - with some basic instructions.
Svet PaperovIT Manager

Commented:
Did you implement an external UC/SAN certificate or you are using the self-trusted one that has been created by the server?

The following links could help understand how SAN certificate is used in Exchange Server 2010:
http://www.digicert.com/ssl-support/exchange-2010-san-names.htm
http://support.microsoft.com/kb/929395


Btw, I am in a process of building an Exchange Server 2010 for my organization and I am going to use DigiCert or GoDaddy certificate (not decided which one yet)

Commented:
Look at my post here: http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_27423849.html

You need a SAN/UC certificate to avoid all cert errors and to make Autodiscover/Outlook Anywhere to function correctly. Simple SSL and wildcard certificates don't work.
Commented:
here a step by step :
Open the exchange power shell and run :
[PS] C:\>Get-ExchangeCertificate |ft *domains, services
#note the the cert where services >IIS
#under "CertificateDomains" copy one of the domains > your.domain.com
#hopefully you can reach your.domain.com from a client machine
Then run the follwing commands :
[PS] C:\>Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri "https://your.domain.com/autodiscover/autodiscover.xml "

[PS] C:\>Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -InternalUrl "https://your.domain.com/ews/exchange.asmx"

[PS] C:\>Get-OabVirtualDirectory | Set-OabVirtualDirectory -InternalUrl "http://your.domain.com/oab"

[PS] C:\>iisreset

Hope it helps

--
Ivo

Author

Commented:
Thank you very much. it worked.
I've used the external URL

Thanks!!!!

Author

Commented:
Thanks!!
Now the customer is happy and i've learned something new :-)

Commented:
Glad it worked  :)

Explore More ContentExplore courses, solutions, and other research materials related to this topic.