Solved

exchange 2010 autodiscover

Posted on 2012-03-30
4
458 Views
Last Modified: 2012-06-28
So I recently bought a SSL cert to host my webmail.  After I installed the cert I started getting an error that says "the name on the security cert is invald or does not match the name of the site when I open outlook.  I called network solutions and they recomended that I purchase.  A Second Cert for autodiscover."mydomain".com  

How do I setup autodiscover to work correctly? and how do i configure exchange to use both certs?  autodiscover."mydomain".com" and webmail."mydomain".com.  Also do I have to set an external mx record for autodiscover?
0
Comment
Question by:reschete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Padamdeep
ID: 37787918
If your users are not going to connect from Internet then you don't have buy any additional Certificate. Simply change the SCP to start with whatever Subject Name you have on certifcate and create an Internal DNS record.


But if your users are going to connect from Internet then you need to purchase certificate with additional name space.


Everytime you purchase a certificate, you need to be aware of all the Names spaces that you are going to use. As far as Exchange Server is concerned, following needs to be considered.

1. OWA Url
2. Active Url
3. OAB url
4. EWS Url

All the above URL can share the same name space. But if you decide to use different URLs then you need to include those.

Only thing which is going to be different is autodiscover. Because Outlook is hard coded to query certain queries for Autodiscover.

https://Autodiscover.Domain.com/autodiscover/autodiscover.xml is widely used. "Domain" in "Austodiscover.domain.com" is the SMTP address domain of user

I hope it helps.

~ Singh
0
 
LVL 1

Author Comment

by:reschete
ID: 37788847
I have 2 certs purchased already.  One is being used by webmail.domain.com and the other I will need to configure.  When I go into the consol it looks like it gives me the address as

lamail3.domain.com not autodiscover.domain.com  I think i'm just confused at which name i should put for the cert
0
 
LVL 1

Author Comment

by:reschete
ID: 37788974
or should i set my cert's name to be lamail3.domain.com/autodiscover/autodiscover.xml?
0
 
LVL 3

Accepted Solution

by:
Padamdeep earned 500 total points
ID: 37789846
You mean on certificate you see lamail3.domain.com? If that's the case then it's not going to work.

If SMTP address of your users is "lamail3.com" then you need to have a certificate with "autodiscover.lamail3.com".

Any reason for purchasing 2 different certificate and not a single SAN certificate with multiple domain names?

You can link one certificate at a time with IIS so that's the reason SAN certs are required.

You may be able to use 2 different certificate for IIS by creating another Website in IIS but I have never tried it.


~ Singh
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question