Solved

Muthual Authentication

Posted on 2013-01-04
2
1,053 Views
Last Modified: 2013-01-07
My two Exchange Servers suddenly stopped to configure Outlook clients via autodiscovery.  Srv06 is running Exchange Server 2010 and Srv07 is running Exchange Server 2012.  The both are virtual servers running under a Windows Server 2008 with Hyper-V.

The testexchangeconnectivity website reports the following errors:

Srv06 (Exchange 2010):
Testing SSL mutual authentication with the RPC proxy server.
Verification of mutual authentication failed.
The certificate common name *.larsoft.net doesn't validate against the mutual authentication string that was provided: msstd:srv06.larsoft.net


Srv07 (Exchange 2013):
Testing SSL mutual authentication with the RPC proxy server.
Verification of mutual authentication failed.
The certificate common name *.larsoft.net doesn't validate against the mutual authentication string that was provided: msstd:srv07.larsoft.net

The certificate seems to be ok.  It's a wildcard certificate (*.larsoft.net) for both servers, it's issued by Comodo and the expiration date is May, 30, 2013.

Opening the certificate in Exchange Management Console, the certificate status is "This certificate is OK."

Do you have any idea of what is happening with my Exchange Servers?

Thanks in advance,

Luciano Reis
0
Comment
Question by:informago
  • 2
2 Comments
 

Author Comment

by:informago
ID: 38746197
The result of Get-ExchangeCertificate on Srv06 result the following:

Thumbprint   Services   Subject
<thumb>        IP..S.        CN=Srv06
<thumb>        ......           CN=WMSvc-Srv06
<thumb>        ...W..        CN=*.larsoft.net, OU=comodo SSL Wildcard, OU=Dom...


The same command on Srv07 result the following:

Thumbprint   Services   Subject
<thumb>        ....S..     CN=Microsoft Exchange...
<thumb>        IP.WS..  CN=Srv07
<thumb>        .......      CN=WMSvc-Srv07
<thumb>        ...WS..   CN=*.larsoft.net, OU=Comodo...
0
 

Accepted Solution

by:
informago earned 0 total points
ID: 38750821
I found the answer here:

http://www.cgoosen.com/2010/11/outlook-anywhere-and-wildcard-certificates/

It's was basically:

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.larsoft.net
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now