Solved

Exchange 2010 SP2 - SSL Certificate Problem

Posted on 2012-03-20
7
827 Views
Last Modified: 2012-03-23
We have just completed a migration from Exchange 2003 to Exchange 2010.  The server is an on-premise single server solution with a mix of Outlook 2003 & Outlook 2010 clients.  The server name is exchange.companyname.local and we have installed a GoDaddy SSL certificate in the name of office.companyname.co.uk which is the external name, this is assigned in IIS and currently works with Outlook We App with no problems.  The problem we are experiencing is that on the Outlook 2010 clients an SSL error keeps being displayed saying 'The name on the certificate does not match the server'.  I'm guessing there’s some additional configuration required somewhere since we installed the GoDaddy certificate.  Help would be very much appreciated. Thanks in advance.
0
Comment
Question by:jambomambo
  • 3
  • 2
7 Comments
 
LVL 25

Expert Comment

by:-MAS
ID: 37741688
1.Make sure 'exchange.companyname.local' and 'office.companyname.co.uk' is added in the certificate

2. Enable IIS services for the certificate installed

3. Configure autodiscover in the server. post the output of the below command
    Get-AutodiscoverVirtualDirectory | fl Name,internalurl,externalurl
0
 
LVL 25

Expert Comment

by:-MAS
ID: 37741716
Type 'Get-Exchangecertificate' and get the thumbprint and enable IIS service using the below command

Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services IIS
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 37741744
If you bought a single name SSL certificate - you should have bought a SAN / UCC SSL certificate (multi name) and should include the following names in the certificate if you want to lose the errors:

office.companyname.co.uk
autodiscover.companyname.co.uk
exchange.companyname.local
exchange

You should also add an Autodiscover A record in your Domains DNS Records (not internally) and point it to the Public IP Address of your Exchange Server.

If you have all the above names - the errors should go away.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 25

Expert Comment

by:-MAS
ID: 37741857
As suggested by Alanhardisty
please add autodiscover.companyname.co.uk  also
I forgot to mention about autodiscover in my post
0
 

Author Comment

by:jambomambo
ID: 37742728
Thanks very much for your comments guys.  I am just in the process of obtaining another certificate from GoDaddy, it looks like they have a UCC option recommended for Exchange.  Hopefully this will sort it. I will let you know...
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 37742741
It should do.  Use the New Certificate Wizard to generate the Request in the Exchange Management console> Server Config> New Certificate Wizard.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What does UTC stand for?  “Coordinated Universal Time” – Think of this as the true time on Planet Earth that never changes with the exception of minor leap seconds here and there to account for the changes in the planet's rotation.   What does th…
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now