Solved

There is a problem with the proxy server's security certificate, Code error 8

Posted on 2013-01-08
7
13,521 Views
Last Modified: 2013-01-09
Hi Guys I have a Exchange 2010 that has been running for 2 Years and Clients have been connecting to it for 2 years no problems. using Smartphones etc, OWA no problems at all..
The Exchange Certificate Expired on the 5th so as far as i am aware clients using Outook anywhere access, are having issues connecting.
I renewed the Web Services Certificate by doing the following
Get-ExchangeCertificate –Thumbprint “**************************” | New-ExchangeCertificate .. with the correct thumb print key of course.. and selected yes to overwrite.. ok..
I can connect to it from my computer if i setup Outlook anywhere access through Outlook, I can get to OWA access , i can get access from my Samsung Phone and connect and send and receive Email..
This is the first user i am having issues with the rest are still on holidays so i am expecting more of them.. He has Outlook anywhere working for the last 2 years and stopped working when certificate expired, I have tried installing certificate again , doesnt work, if I VPN into the network it works fine and updates his Email..  But the Error he Gets  is the Following:

There is a Problem with the Proxy Server's Security Certificate
The Security Certificate is not from a trusted certifying Authority
Outlook is unable to connect to the proxy Server mail.yourservername.com (Error Code 8)

The Certificate is Self Assigned..Scratching my Head with this not sure if there is an issue there or it is just something on his computer..
Please Help...?
Thanks in advance

Big_Daddy
0
Comment
Question by:big_daddy_pimp
  • 4
  • 2
7 Comments
 
LVL 12

Assisted Solution

by:tgtran
tgtran earned 150 total points
ID: 38757665
You need to have the user to install the new cert's root in "trusted root certificate authorities"

:
1. Click Install Certificate when you are prompted with the Certificate dialog box.
2. Click Next.
3. Click to select the Place all certificate in the following store check box.
4. Click Browse.
5. Click Trusted Root Certification Authorities, and then click OK.
6. Click Next, Finish, OK
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757666
Self signed certs are funky when it comes to Outlook. Phones usually don't have a problem with them. If your clients are Outlook 2007 or 2010 you will need to install the cert manually on each client machine using the certificates MMC. Yes this sucks so I suggest purchasing a valid SSL cert from Godaddy or other provider. A UCC cert works best but you can make a single cert work.
0
 

Author Comment

by:big_daddy_pimp
ID: 38757696
Thanks GUys I have tried that, when i see the certificate it doesnt have the option to install it..

Big_Daddy
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 13

Accepted Solution

by:
murgroup earned 350 total points
ID: 38757717
I'm not sure what tgtran is talking about but let me see if I can explain better. Do this on the client machine. Make sure Outlook is closed before you begin.

1. copy your self signed cert to a network share or flash drive
2. click start, run and type mmc. click file and add/remove snapin. Choose certificates and click add. Click computer account then local computer. Click OK.
3. In the mmc you will see trusted root and intermediate cert authorities. Hit the arrow next to each and you will see certificates.
4. right click certificates and click all tasks - import.
5. browse to the location where the certificate is stored and install it.

Do this for each store (personal, trusted and intermediate) then try Outlook and see if it connects.

On the server side make sure you applied the certificate correctly in exchange then do an iisreset.

Enable-ExchangeCertificate -Services IMAP, POP, IIS, SMTP -thumbprint yoursslcertthumbprint
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757720
Also make sure your SSL cert is showing in IIS manager.
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757794
Also not sure if you're familiar with this site but it should help troubleshoot.

https://www.testexchangeconnectivity.com/#
0
 

Author Comment

by:big_daddy_pimp
ID: 38761426
Thanks Guys appreciate all your help, the testexchangeconnectivity  site has never worked my Server always fails the tests even though it is working fine...
I found my issue, i added the The URL into the trusted sites list in IE and then it allowed me to manually Install the security Certificate and works fine know thank you guys for your input.. It is much appreciated, i went through a few of your suggestions which got me to the answer thankyou all..

Big_Daddy
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now