Optimus NZ
asked on
Trusted Cert issue in Outlook
Hi Team
Over the weekend we have installed a new server on a client's site and in the process replaced Exchange 2007 with Exchange 2010.
All the end users appear to be up and running without issue save for one who is receiving error messages saying that the Certificate is not trusted.
The certificate that the end users machine is referencing is the self-signed cert from the server rather than the godaddy cert.
We have cleared out all the certificates from cert manager and attempted to install the godaddy cert but it still references the self-signed cert.
If anyone would be able to help it would be much appreciated
Thanks
Over the weekend we have installed a new server on a client's site and in the process replaced Exchange 2007 with Exchange 2010.
All the end users appear to be up and running without issue save for one who is receiving error messages saying that the Certificate is not trusted.
The certificate that the end users machine is referencing is the self-signed cert from the server rather than the godaddy cert.
We have cleared out all the certificates from cert manager and attempted to install the godaddy cert but it still references the self-signed cert.
If anyone would be able to help it would be much appreciated
Thanks
ASKER
Hi Daniel
Thank you for your prompt reply.
We haven't tried rebuilding the profile yet as they have the same issue in OWA as well (which I should have mentioned before).
Thanks
Thank you for your prompt reply.
We haven't tried rebuilding the profile yet as they have the same issue in OWA as well (which I should have mentioned before).
Thanks
Is the exchange environment a single server environment?
Regards,
Daniel
Regards,
Daniel
Can you try running the below command in your exchange shell and letting me know what the result is?
get-exchangecertificate
Regards,
Daniel.
get-exchangecertificate
Regards,
Daniel.
ASKER
Hi Daniel
The customer only has a single exchange server.
This is the readout from command is get-exchangecertificate is as below.
456084E906CFB0B8C63B472542 A21FF11104 EB49 ...... CN=mail.wtpartnership.co.n z, OU=Domain Control Validated
3ABEF6E080136F6442AB096577 EA8116CBD8 A0BA ...WS. CN=mail.wtpartnership.co.n z
61AA8D9AF97EC2E6502A62CC67 857BE6D490 8042 ...... CN=localhost
0C9CC062EA30330C67B532CB3A 513CF2F124 C000 IP..S. CN=Sites
6D98E9D9B4F3928E0609002621 2E2F71AB99 005D ...... CN=wtpartnership-WTP-AKL01 -CA
14F1D315BD2229817B664C0F3F 8A22813489 AD69 ...... CN=WTP-AKL01.wtpartnership .local
0C090FC2486B0B43686636159C 19154DFD29 427C ...... CN=WMSvc-WIN-DF5IJP7P710
The customer only has a single exchange server.
This is the readout from command is get-exchangecertificate is as below.
456084E906CFB0B8C63B472542
3ABEF6E080136F6442AB096577
61AA8D9AF97EC2E6502A62CC67
0C9CC062EA30330C67B532CB3A
6D98E9D9B4F3928E0609002621
14F1D315BD2229817B664C0F3F
0C090FC2486B0B43686636159C
ok which one is the thumbprint of the new certificate?
Regards,
Daniel
Regards,
Daniel
Hi Optimus_nz,
Make sure in IIS, the default websites' binding for port 443 has the correct certificate selected (i've attached a screenshot).
Also in the Exchange System Manager, make sure you've assigned the services to the certificate:
http://technet.microsoft.com/en-us/library/dd351257(v=exchg.141).aspx
I hope this info helps.
sitebinding.jpg
Make sure in IIS, the default websites' binding for port 443 has the correct certificate selected (i've attached a screenshot).
Also in the Exchange System Manager, make sure you've assigned the services to the certificate:
http://technet.microsoft.com/en-us/library/dd351257(v=exchg.141).aspx
I hope this info helps.
sitebinding.jpg
This was the point I was getting to,
The command that you need to run specifically is
Enable-ExchangeCertificate -Services IMAP, POP -Thumbprint {your thumbprint here}
Kind regards,
Daniel
The command that you need to run specifically is
Enable-ExchangeCertificate
Kind regards,
Daniel
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
After loads more poking around, managed to figure this out.
Have you tried rebuilding the users Outlook profile through the mail setup in the control panel.
Let me know how you go.
Regards,
Daniel.