Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1729
  • Last Modified:

Exchange Autodiscover SSL error for Outlook anywhere

This issue pertains to Autodiscover and Exchange 2010.

We have a single name certificate ( not a UCC) and I setup an SRV record in our public DNS zone to point to our server (mail.domain.com). But the SSL errors persist.

Error specifies that the name

autodiscover.domain.com does not match the name on the certificate.

Our certificate is set as mail.domain.com

This error only occurs for outlook anywhere ( external users using Outlook )

How do I stop Outlook from throwing this error all the time? www.testexchangeconnectivity.com passes our test for the SRV record and SSL certificate.

Also I noticed we have a wildcard record in our DNS Zone. I read a one line statement in another guide that Autodiscover does not like a wildcard record being set in the public DNS zone. Could this be the cause?

If I switch to an A record setup or CNAME setup we will need a UCC certificate correct?
1 Solution
Simon Butler (Sembee)ConsultantCommented:
You must have a wildcard in your DNS so that autodiscover.example.com resolves.
You need to remove that - SRV records can only be used IF autodiscover.example.com doesn't resolve.

There are alternatives to the autodiscover sub domain. You might want to look into using Autodiscover.xml
You basically have one of 2 solutions

1. delete the wild card from the DNS

2. add autodiscover in your dns and point it to the ip mail.domain.com and change your certificate to have autodiscover in the SAN

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now