Solved

Exchange Autodiscover SSL error for Outlook anywhere

Posted on 2013-01-02
3
1,632 Views
Last Modified: 2013-01-05
This issue pertains to Autodiscover and Exchange 2010.

We have a single name certificate ( not a UCC) and I setup an SRV record in our public DNS zone to point to our server (mail.domain.com). But the SSL errors persist.

Error specifies that the name

autodiscover.domain.com does not match the name on the certificate.

Our certificate is set as mail.domain.com

This error only occurs for outlook anywhere ( external users using Outlook )

How do I stop Outlook from throwing this error all the time? www.testexchangeconnectivity.com passes our test for the SRV record and SSL certificate.

Also I noticed we have a wildcard record in our DNS Zone. I read a one line statement in another guide that Autodiscover does not like a wildcard record being set in the public DNS zone. Could this be the cause?

If I switch to an A record setup or CNAME setup we will need a UCC certificate correct?
0
Comment
Question by:Robc0918
3 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38736846
You must have a wildcard in your DNS so that autodiscover.example.com resolves.
You need to remove that - SRV records can only be used IF autodiscover.example.com doesn't resolve.

Simon.
0
 
LVL 17

Expert Comment

by:OriNetworks
ID: 38737035
There are alternatives to the autodiscover sub domain. You might want to look into using Autodiscover.xml
http://www.more2know.nl/2010/05/18/exchange-autodiscover-and-multiple-domains/
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 38739448
You basically have one of 2 solutions

1. delete the wild card from the DNS

2. add autodiscover in your dns and point it to the ip mail.domain.com and change your certificate to have autodiscover in the SAN
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
Read this checklist to learn more about the 15 things you should never include in an email signature.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates‚Ķ
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question