Solved

exchange 2010 autodiscover

Posted on 2012-03-30
4
463 Views
Last Modified: 2012-06-28
So I recently bought a SSL cert to host my webmail.  After I installed the cert I started getting an error that says "the name on the security cert is invald or does not match the name of the site when I open outlook.  I called network solutions and they recomended that I purchase.  A Second Cert for autodiscover."mydomain".com  

How do I setup autodiscover to work correctly? and how do i configure exchange to use both certs?  autodiscover."mydomain".com" and webmail."mydomain".com.  Also do I have to set an external mx record for autodiscover?
0
Comment
Question by:reschete
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Padamdeep
ID: 37787918
If your users are not going to connect from Internet then you don't have buy any additional Certificate. Simply change the SCP to start with whatever Subject Name you have on certifcate and create an Internal DNS record.


But if your users are going to connect from Internet then you need to purchase certificate with additional name space.


Everytime you purchase a certificate, you need to be aware of all the Names spaces that you are going to use. As far as Exchange Server is concerned, following needs to be considered.

1. OWA Url
2. Active Url
3. OAB url
4. EWS Url

All the above URL can share the same name space. But if you decide to use different URLs then you need to include those.

Only thing which is going to be different is autodiscover. Because Outlook is hard coded to query certain queries for Autodiscover.

https://Autodiscover.Domain.com/autodiscover/autodiscover.xml is widely used. "Domain" in "Austodiscover.domain.com" is the SMTP address domain of user

I hope it helps.

~ Singh
0
 
LVL 1

Author Comment

by:reschete
ID: 37788847
I have 2 certs purchased already.  One is being used by webmail.domain.com and the other I will need to configure.  When I go into the consol it looks like it gives me the address as

lamail3.domain.com not autodiscover.domain.com  I think i'm just confused at which name i should put for the cert
0
 
LVL 1

Author Comment

by:reschete
ID: 37788974
or should i set my cert's name to be lamail3.domain.com/autodiscover/autodiscover.xml?
0
 
LVL 3

Accepted Solution

by:
Padamdeep earned 500 total points
ID: 37789846
You mean on certificate you see lamail3.domain.com? If that's the case then it's not going to work.

If SMTP address of your users is "lamail3.com" then you need to have a certificate with "autodiscover.lamail3.com".

Any reason for purchasing 2 different certificate and not a single SAN certificate with multiple domain names?

You can link one certificate at a time with IIS so that's the reason SAN certs are required.

You may be able to use 2 different certificate for IIS by creating another Website in IIS but I have never tried it.


~ Singh
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question