Exchange 2010 SP2 - SSL Certificate Problem

We have just completed a migration from Exchange 2003 to Exchange 2010.  The server is an on-premise single server solution with a mix of Outlook 2003 & Outlook 2010 clients.  The server name is exchange.companyname.local and we have installed a GoDaddy SSL certificate in the name of office.companyname.co.uk which is the external name, this is assigned in IIS and currently works with Outlook We App with no problems.  The problem we are experiencing is that on the Outlook 2010 clients an SSL error keeps being displayed saying 'The name on the certificate does not match the server'.  I'm guessing there‚Äôs some additional configuration required somewhere since we installed the GoDaddy certificate.  Help would be very much appreciated. Thanks in advance.
jambomamboAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
If you bought a single name SSL certificate - you should have bought a SAN / UCC SSL certificate (multi name) and should include the following names in the certificate if you want to lose the errors:

office.companyname.co.uk
autodiscover.companyname.co.uk
exchange.companyname.local
exchange

You should also add an Autodiscover A record in your Domains DNS Records (not internally) and point it to the Public IP Address of your Exchange Server.

If you have all the above names - the errors should go away.
0
 
MAS (MVE)Technical Department HeadCommented:
1.Make sure 'exchange.companyname.local' and 'office.companyname.co.uk' is added in the certificate

2. Enable IIS services for the certificate installed

3. Configure autodiscover in the server. post the output of the below command
    Get-AutodiscoverVirtualDirectory | fl Name,internalurl,externalurl
0
 
MAS (MVE)Technical Department HeadCommented:
Type 'Get-Exchangecertificate' and get the thumbprint and enable IIS service using the below command

Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services IIS
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
MAS (MVE)Technical Department HeadCommented:
As suggested by Alanhardisty
please add autodiscover.companyname.co.uk  also
I forgot to mention about autodiscover in my post
0
 
jambomamboAuthor Commented:
Thanks very much for your comments guys.  I am just in the process of obtaining another certificate from GoDaddy, it looks like they have a UCC option recommended for Exchange.  Hopefully this will sort it. I will let you know...
0
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
It should do.  Use the New Certificate Wizard to generate the Request in the Exchange Management console> Server Config> New Certificate Wizard.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.