Solved

Problem with Exchange 2007 certificate

Posted on 2013-01-23
4
511 Views
Last Modified: 2013-01-24
Hi

I have an Exchange 2007 that is running a Godaddy certificate for over one year now.
Last week I had to play with the smart host and somehow the users had hard time sending email out. So since this is a SBS I run the smarthost wizard and set it not to use a specifc smart host and also I run the email domain wizard and it told me that there is already a godady certificate and if I continue it will be overwrite by the self sign one.
So I said Ok because I knew that I will install the godaddy back after I'm done.
So after Install it to SMTP, IIS, POP, etc... I reboot the server and when I go to https://mail.domain.com/owa everything works like a charm.
But when users open Outlook they keep getting a certificate error saying that the certificate name does not match. It show remote.domain.com instead of mail.domain./com.
I looked under Details on the certificate error and it show an exclamation mark at Basic Constrains and Key Usage.
I did change on the connectors the name from remote to mail and I restart all the services but still show that error.
Any idea what I'm missing here.
0
Comment
Question by:infedonetwork
  • 2
  • 2
4 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38812173
You shouldn't have changed the connectors to begin with. If you have an SSL certificate for remote.example.com then switch everything to that, including your MX record.

Did you run the SSL wizard in SBS to reinstall the SSL certificate?

Simon.
0
 
LVL 2

Author Comment

by:infedonetwork
ID: 38812194
The SSL is not for remote. but for mail.example.com
It works with that certificate for over a year.
Yes I run the SSL wizard in SBS for for some reason the only certificate on the list is the remote one not the mail one.
How can I get the mail one on that list?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 38812550
SBS wants to use remote.example.com for everything, and it is strongly recommended to use that format. If you want to change it then the first thing you have to do is run the Internet Domain Name Wizard and change it to mail.example.com.
Then when you run the SSL wizard it will allow you to choose it. The wizard only shows SSL certificates that are available for the host name configured within the server.

Simon.
0
 
LVL 2

Author Closing Comment

by:infedonetwork
ID: 38813378
That work perfect. Thank you.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now