Solved

Muthual Authentication

Posted on 2013-01-04
2
1,049 Views
Last Modified: 2013-01-07
My two Exchange Servers suddenly stopped to configure Outlook clients via autodiscovery.  Srv06 is running Exchange Server 2010 and Srv07 is running Exchange Server 2012.  The both are virtual servers running under a Windows Server 2008 with Hyper-V.

The testexchangeconnectivity website reports the following errors:

Srv06 (Exchange 2010):
Testing SSL mutual authentication with the RPC proxy server.
Verification of mutual authentication failed.
The certificate common name *.larsoft.net doesn't validate against the mutual authentication string that was provided: msstd:srv06.larsoft.net


Srv07 (Exchange 2013):
Testing SSL mutual authentication with the RPC proxy server.
Verification of mutual authentication failed.
The certificate common name *.larsoft.net doesn't validate against the mutual authentication string that was provided: msstd:srv07.larsoft.net

The certificate seems to be ok.  It's a wildcard certificate (*.larsoft.net) for both servers, it's issued by Comodo and the expiration date is May, 30, 2013.

Opening the certificate in Exchange Management Console, the certificate status is "This certificate is OK."

Do you have any idea of what is happening with my Exchange Servers?

Thanks in advance,

Luciano Reis
0
Comment
Question by:informago
  • 2
2 Comments
 

Author Comment

by:informago
ID: 38746197
The result of Get-ExchangeCertificate on Srv06 result the following:

Thumbprint   Services   Subject
<thumb>        IP..S.        CN=Srv06
<thumb>        ......           CN=WMSvc-Srv06
<thumb>        ...W..        CN=*.larsoft.net, OU=comodo SSL Wildcard, OU=Dom...


The same command on Srv07 result the following:

Thumbprint   Services   Subject
<thumb>        ....S..     CN=Microsoft Exchange...
<thumb>        IP.WS..  CN=Srv07
<thumb>        .......      CN=WMSvc-Srv07
<thumb>        ...WS..   CN=*.larsoft.net, OU=Comodo...
0
 

Accepted Solution

by:
informago earned 0 total points
ID: 38750821
I found the answer here:

http://www.cgoosen.com/2010/11/outlook-anywhere-and-wildcard-certificates/

It's was basically:

Set-OutlookProvider -Identity EXPR -CertPrincipalName msstd:*.larsoft.net
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

Use email signature images to promote corporate certifications and industry awards.
Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now