Exchange security certificate pop up continually on client laptops

here is what happened.
yesterday I noticed on the event logs, that my OWA server was throwing errors that it couldnt update its Host (A) Resource Record (RR) on my DNS servers..
so i went to the DNS servers (2 of them) and found the A records of the OWA server.. I had to add the Local Computer account of the OWA server and give it full control, in the security section..
then i ran an ipconfig /registerdns command on the OWA server..
this seemed to fix the DNSAPI error, but now we continually get pop ups in outlook about the security certificate from the OWA server.. We go through the steps of installing the cert.. I accept the defaults and let the cert store choose where to install it. and it imports fine.
but the pop up for the cert keeps coming back, and it has to keep being re installed..
does that make sense?
any ideas? this is causing a big headache here for me today.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Benjamin MOREAUProject ManagerCommented:
When you connect to you OWA website, have you an error on your certificate ?

If Yes, you have to fix your error.

Check :

- end date of the certificate
- the "other names" of the certificate. You must have all local name of your server and the published name (dns).
- that all your client have the root CA certificate installed
CG_HDAuthor Commented:
ok, ill see if i can verify that info.. do you have a link or something that can help me step by step to get that info? im not too well versed in certificates, or how to work with/ troubleshoot them.
CG_HDAuthor Commented:
also why do you think that fixing that DNS issue could have caused this?
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

CG_HDAuthor Commented:
I think we have the issue resolved, I spent almost 6 hours on the phone with Micro Soft on friday. we did a lot of things, but in a basic nutshell, we had to create a new DNS zone for the internal exchange server, and then we had to change some of the bindings in IIS on the exchange server, and have them reference the correct cert. so for now the issue seems to be resolved. thanks everyone for your advise!!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CG_HDAuthor Commented:
was fixed by MS
CG_HDAuthor Commented:
thanks to everyone for your input.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.