Avatar of optimus_nz
optimus_nz
 asked on

Trusted Cert issue in Outlook

Hi Team

Over the weekend we have installed a new server on a client's site and in the process replaced Exchange 2007 with Exchange 2010.

All the end users appear to be up and running without issue save for one who is receiving error messages saying that the Certificate is not trusted.

The certificate that the end users machine is referencing is the self-signed cert from the server rather than the godaddy cert.

We have cleared out all the certificates from cert manager and attempted to install the godaddy cert but it still references the self-signed cert.

If anyone would be able to help it would be much appreciated

Thanks
OutlookEmail ClientsInternet Protocols

Avatar of undefined
Last Comment
optimus_nz

8/22/2022 - Mon
ProspectConsulting

Hi optimus_nz,

Have you tried rebuilding the users Outlook profile through the mail setup in the control panel.

Let me know how you go.

Regards,

Daniel.
optimus_nz

ASKER
Hi Daniel

Thank you for your prompt reply.

We haven't tried rebuilding the profile yet as they have the same issue in OWA as well (which I should have mentioned before).

Thanks
ProspectConsulting

Is the exchange environment a single server environment?

Regards,

Daniel
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
ProspectConsulting

Can you try running the below command in your exchange shell and letting me know what the result is?

get-exchangecertificate

Regards,

Daniel.
optimus_nz

ASKER
Hi Daniel

The customer only has a single exchange server.

This is the readout from command is get-exchangecertificate is as below.

456084E906CFB0B8C63B472542A21FF11104EB49  ......     CN=mail.wtpartnership.co.nz, OU=Domain Control Validated
3ABEF6E080136F6442AB096577EA8116CBD8A0BA  ...WS.     CN=mail.wtpartnership.co.nz
61AA8D9AF97EC2E6502A62CC67857BE6D4908042  ......     CN=localhost
0C9CC062EA30330C67B532CB3A513CF2F124C000  IP..S.     CN=Sites
6D98E9D9B4F3928E06090026212E2F71AB99005D  ......     CN=wtpartnership-WTP-AKL01-CA
14F1D315BD2229817B664C0F3F8A22813489AD69  ......     CN=WTP-AKL01.wtpartnership.local
0C090FC2486B0B43686636159C19154DFD29427C  ......     CN=WMSvc-WIN-DF5IJP7P710
ProspectConsulting

ok which one is the thumbprint of the new certificate?

Regards,

Daniel
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Michael Rodríguez

Hi Optimus_nz,
Make sure in IIS, the default websites' binding for port 443 has the correct certificate selected (i've attached a screenshot).

Also in the Exchange System Manager, make sure you've assigned the services to the certificate:
http://technet.microsoft.com/en-us/library/dd351257(v=exchg.141).aspx

I hope this info helps.
sitebinding.jpg
ProspectConsulting

This was the point I was getting to,

The command that you need to run specifically is

Enable-ExchangeCertificate -Services IMAP, POP -Thumbprint {your thumbprint here}

Kind regards,

Daniel
SOLUTION
ProspectConsulting

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
optimus_nz

ASKER
After loads more poking around, managed to figure this out.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy