Solved

Exchange Autodiscover SSL error for Outlook anywhere

Posted on 2013-01-02
3
1,654 Views
Last Modified: 2013-01-05
This issue pertains to Autodiscover and Exchange 2010.

We have a single name certificate ( not a UCC) and I setup an SRV record in our public DNS zone to point to our server (mail.domain.com). But the SSL errors persist.

Error specifies that the name

autodiscover.domain.com does not match the name on the certificate.

Our certificate is set as mail.domain.com

This error only occurs for outlook anywhere ( external users using Outlook )

How do I stop Outlook from throwing this error all the time? www.testexchangeconnectivity.com passes our test for the SRV record and SSL certificate.

Also I noticed we have a wildcard record in our DNS Zone. I read a one line statement in another guide that Autodiscover does not like a wildcard record being set in the public DNS zone. Could this be the cause?

If I switch to an A record setup or CNAME setup we will need a UCC certificate correct?
0
Comment
Question by:Robc0918
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38736846
You must have a wildcard in your DNS so that autodiscover.example.com resolves.
You need to remove that - SRV records can only be used IF autodiscover.example.com doesn't resolve.

Simon.
0
 
LVL 17

Expert Comment

by:OriNetworks
ID: 38737035
There are alternatives to the autodiscover sub domain. You might want to look into using Autodiscover.xml
http://www.more2know.nl/2010/05/18/exchange-autodiscover-and-multiple-domains/
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 38739448
You basically have one of 2 solutions

1. delete the wild card from the DNS

2. add autodiscover in your dns and point it to the ip mail.domain.com and change your certificate to have autodiscover in the SAN
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
how to add IIS SMTP to handle application/Scanner relays into office 365.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question