Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

There is a problem with the proxy server's security certificate, Code error 8

Posted on 2013-01-08
7
Medium Priority
?
15,906 Views
Last Modified: 2013-01-09
Hi Guys I have a Exchange 2010 that has been running for 2 Years and Clients have been connecting to it for 2 years no problems. using Smartphones etc, OWA no problems at all..
The Exchange Certificate Expired on the 5th so as far as i am aware clients using Outook anywhere access, are having issues connecting.
I renewed the Web Services Certificate by doing the following
Get-ExchangeCertificate –Thumbprint “**************************” | New-ExchangeCertificate .. with the correct thumb print key of course.. and selected yes to overwrite.. ok..
I can connect to it from my computer if i setup Outlook anywhere access through Outlook, I can get to OWA access , i can get access from my Samsung Phone and connect and send and receive Email..
This is the first user i am having issues with the rest are still on holidays so i am expecting more of them.. He has Outlook anywhere working for the last 2 years and stopped working when certificate expired, I have tried installing certificate again , doesnt work, if I VPN into the network it works fine and updates his Email..  But the Error he Gets  is the Following:

There is a Problem with the Proxy Server's Security Certificate
The Security Certificate is not from a trusted certifying Authority
Outlook is unable to connect to the proxy Server mail.yourservername.com (Error Code 8)

The Certificate is Self Assigned..Scratching my Head with this not sure if there is an issue there or it is just something on his computer..
Please Help...?
Thanks in advance

Big_Daddy
0
Comment
Question by:big_daddy_pimp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 12

Assisted Solution

by:tgtran
tgtran earned 450 total points
ID: 38757665
You need to have the user to install the new cert's root in "trusted root certificate authorities"

:
1. Click Install Certificate when you are prompted with the Certificate dialog box.
2. Click Next.
3. Click to select the Place all certificate in the following store check box.
4. Click Browse.
5. Click Trusted Root Certification Authorities, and then click OK.
6. Click Next, Finish, OK
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757666
Self signed certs are funky when it comes to Outlook. Phones usually don't have a problem with them. If your clients are Outlook 2007 or 2010 you will need to install the cert manually on each client machine using the certificates MMC. Yes this sucks so I suggest purchasing a valid SSL cert from Godaddy or other provider. A UCC cert works best but you can make a single cert work.
0
 

Author Comment

by:big_daddy_pimp
ID: 38757696
Thanks GUys I have tried that, when i see the certificate it doesnt have the option to install it..

Big_Daddy
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 13

Accepted Solution

by:
murgroup earned 1050 total points
ID: 38757717
I'm not sure what tgtran is talking about but let me see if I can explain better. Do this on the client machine. Make sure Outlook is closed before you begin.

1. copy your self signed cert to a network share or flash drive
2. click start, run and type mmc. click file and add/remove snapin. Choose certificates and click add. Click computer account then local computer. Click OK.
3. In the mmc you will see trusted root and intermediate cert authorities. Hit the arrow next to each and you will see certificates.
4. right click certificates and click all tasks - import.
5. browse to the location where the certificate is stored and install it.

Do this for each store (personal, trusted and intermediate) then try Outlook and see if it connects.

On the server side make sure you applied the certificate correctly in exchange then do an iisreset.

Enable-ExchangeCertificate -Services IMAP, POP, IIS, SMTP -thumbprint yoursslcertthumbprint
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757720
Also make sure your SSL cert is showing in IIS manager.
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757794
Also not sure if you're familiar with this site but it should help troubleshoot.

https://www.testexchangeconnectivity.com/#
0
 

Author Comment

by:big_daddy_pimp
ID: 38761426
Thanks Guys appreciate all your help, the testexchangeconnectivity  site has never worked my Server always fails the tests even though it is working fine...
I found my issue, i added the The URL into the trusted sites list in IE and then it allowed me to manually Install the security Certificate and works fine know thank you guys for your input.. It is much appreciated, i went through a few of your suggestions which got me to the answer thankyou all..

Big_Daddy
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question