Solved

Exchange 2010 SP2 - SSL Certificate Problem

Posted on 2012-03-20
7
857 Views
Last Modified: 2012-03-23
We have just completed a migration from Exchange 2003 to Exchange 2010.  The server is an on-premise single server solution with a mix of Outlook 2003 & Outlook 2010 clients.  The server name is exchange.companyname.local and we have installed a GoDaddy SSL certificate in the name of office.companyname.co.uk which is the external name, this is assigned in IIS and currently works with Outlook We App with no problems.  The problem we are experiencing is that on the Outlook 2010 clients an SSL error keeps being displayed saying 'The name on the certificate does not match the server'.  I'm guessing there’s some additional configuration required somewhere since we installed the GoDaddy certificate.  Help would be very much appreciated. Thanks in advance.
0
Comment
Question by:jambomambo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 27

Expert Comment

by:☠MAS☠
ID: 37741688
1.Make sure 'exchange.companyname.local' and 'office.companyname.co.uk' is added in the certificate

2. Enable IIS services for the certificate installed

3. Configure autodiscover in the server. post the output of the below command
    Get-AutodiscoverVirtualDirectory | fl Name,internalurl,externalurl
0
 
LVL 27

Expert Comment

by:☠MAS☠
ID: 37741716
Type 'Get-Exchangecertificate' and get the thumbprint and enable IIS service using the below command

Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services IIS
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 37741744
If you bought a single name SSL certificate - you should have bought a SAN / UCC SSL certificate (multi name) and should include the following names in the certificate if you want to lose the errors:

office.companyname.co.uk
autodiscover.companyname.co.uk
exchange.companyname.local
exchange

You should also add an Autodiscover A record in your Domains DNS Records (not internally) and point it to the Public IP Address of your Exchange Server.

If you have all the above names - the errors should go away.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 27

Expert Comment

by:☠MAS☠
ID: 37741857
As suggested by Alanhardisty
please add autodiscover.companyname.co.uk  also
I forgot to mention about autodiscover in my post
0
 

Author Comment

by:jambomambo
ID: 37742728
Thanks very much for your comments guys.  I am just in the process of obtaining another certificate from GoDaddy, it looks like they have a UCC option recommended for Exchange.  Hopefully this will sort it. I will let you know...
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 500 total points
ID: 37742741
It should do.  Use the New Certificate Wizard to generate the Request in the Exchange Management console> Server Config> New Certificate Wizard.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question