Solved

There is a problem with the proxy server's security certificate, Code error 8

Posted on 2013-01-08
7
14,928 Views
Last Modified: 2013-01-09
Hi Guys I have a Exchange 2010 that has been running for 2 Years and Clients have been connecting to it for 2 years no problems. using Smartphones etc, OWA no problems at all..
The Exchange Certificate Expired on the 5th so as far as i am aware clients using Outook anywhere access, are having issues connecting.
I renewed the Web Services Certificate by doing the following
Get-ExchangeCertificate –Thumbprint “**************************” | New-ExchangeCertificate .. with the correct thumb print key of course.. and selected yes to overwrite.. ok..
I can connect to it from my computer if i setup Outlook anywhere access through Outlook, I can get to OWA access , i can get access from my Samsung Phone and connect and send and receive Email..
This is the first user i am having issues with the rest are still on holidays so i am expecting more of them.. He has Outlook anywhere working for the last 2 years and stopped working when certificate expired, I have tried installing certificate again , doesnt work, if I VPN into the network it works fine and updates his Email..  But the Error he Gets  is the Following:

There is a Problem with the Proxy Server's Security Certificate
The Security Certificate is not from a trusted certifying Authority
Outlook is unable to connect to the proxy Server mail.yourservername.com (Error Code 8)

The Certificate is Self Assigned..Scratching my Head with this not sure if there is an issue there or it is just something on his computer..
Please Help...?
Thanks in advance

Big_Daddy
0
Comment
Question by:big_daddy_pimp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 12

Assisted Solution

by:tgtran
tgtran earned 150 total points
ID: 38757665
You need to have the user to install the new cert's root in "trusted root certificate authorities"

:
1. Click Install Certificate when you are prompted with the Certificate dialog box.
2. Click Next.
3. Click to select the Place all certificate in the following store check box.
4. Click Browse.
5. Click Trusted Root Certification Authorities, and then click OK.
6. Click Next, Finish, OK
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757666
Self signed certs are funky when it comes to Outlook. Phones usually don't have a problem with them. If your clients are Outlook 2007 or 2010 you will need to install the cert manually on each client machine using the certificates MMC. Yes this sucks so I suggest purchasing a valid SSL cert from Godaddy or other provider. A UCC cert works best but you can make a single cert work.
0
 

Author Comment

by:big_daddy_pimp
ID: 38757696
Thanks GUys I have tried that, when i see the certificate it doesnt have the option to install it..

Big_Daddy
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 13

Accepted Solution

by:
murgroup earned 350 total points
ID: 38757717
I'm not sure what tgtran is talking about but let me see if I can explain better. Do this on the client machine. Make sure Outlook is closed before you begin.

1. copy your self signed cert to a network share or flash drive
2. click start, run and type mmc. click file and add/remove snapin. Choose certificates and click add. Click computer account then local computer. Click OK.
3. In the mmc you will see trusted root and intermediate cert authorities. Hit the arrow next to each and you will see certificates.
4. right click certificates and click all tasks - import.
5. browse to the location where the certificate is stored and install it.

Do this for each store (personal, trusted and intermediate) then try Outlook and see if it connects.

On the server side make sure you applied the certificate correctly in exchange then do an iisreset.

Enable-ExchangeCertificate -Services IMAP, POP, IIS, SMTP -thumbprint yoursslcertthumbprint
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757720
Also make sure your SSL cert is showing in IIS manager.
0
 
LVL 13

Expert Comment

by:murgroup
ID: 38757794
Also not sure if you're familiar with this site but it should help troubleshoot.

https://www.testexchangeconnectivity.com/#
0
 

Author Comment

by:big_daddy_pimp
ID: 38761426
Thanks Guys appreciate all your help, the testexchangeconnectivity  site has never worked my Server always fails the tests even though it is working fine...
I found my issue, i added the The URL into the trusted sites list in IE and then it allowed me to manually Install the security Certificate and works fine know thank you guys for your input.. It is much appreciated, i went through a few of your suggestions which got me to the answer thankyou all..

Big_Daddy
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
Outlook for dependable use in a very small business   This article is about using the Outlook application (part of Microsoft Office) in a very small business, or for homeowners where dependability and reliability are critical requirements. This …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question