Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Outlook for remote users - Name on security certificate is invalid

Posted on 2013-06-05
5
Medium Priority
?
295 Views
Last Modified: 2013-12-11
Some of our remote users see a security alert pop up when they use Outlook 2007 and connect to our Exchange server over the internet.  Our Exchange 2007 server uses a self-signed certificate and this has been working great for many years.  We just need to import the certificate in IE and that's it.

The certificate information shows it is issued to *.ssldomain.com / Trustwave and I don't know where that comes from.  Our own certificates show up just fine under the Trusted Rood Certification Authorities in IE and everything else works just fine.

We tried to install this problem certificate, shows it installed fine but the message returns the next time Outlook is opened.  Outlook can sync just fine with our Exchange server but the security alert is annoying.  Remote computer is Windows 7 with IE10.
outlook1.jpg
outlook2.jpg
outlook3.jpg
0
Comment
Question by:rwottowa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 42

Accepted Solution

by:
Adam Brown earned 2000 total points
ID: 39223736
Check to see what server your autodiscover.magnetics.com DNS record is pointing to. It looks like it's currently pointing to your web hosting server, which is probably being run by SSLDomain.com. If you're using a hosted Exchange solution, you'll want to talk to your hosting provider to get a better certificate assigned.

That said, if you use a self-signed certificate with Exchange, you're going to have some issues with it for a while. Spend a little money getting a valid 3rd Party SSL SAN cert and you'll have fewer headaches to deal with (like making people install the certificate).
0
 

Author Comment

by:rwottowa
ID: 39223807
As far as i know, we don't have anything set up for autodiscover.magnetics.com, only a host record for mailserv.magnetics.com.

Should we have a host record set up for autodiscover as well and point to our Exchange server, same as mailserv?

Either way, I think switching to a third party ssl is a good idea.  Any suggestions for providers are welcome as well.
0
 
LVL 42

Expert Comment

by:Adam Brown
ID: 39223927
Here, I wrote a blog on how Autodiscover works and some tricks you can use to get it working right: http://acbrownit.wordpress.com/2012/12/20/internal-dns-and-exchange-autodiscover/

Autodiscover uses a predictable pattern for finding the right spot for where to look for configuration info. it starts looking at https://domain.com/autodiscover/autodiscover.xml and then moves on to other records. The blog post has more details.
0
 

Author Comment

by:rwottowa
ID: 39227215
I tried with adding autodiscover as a host record on our ISP.  It is seeing mailserv.magnetics.com as the name on the certificate now but still shows up every time Outlook is started.  When it is installed, it shows it was successful but still shows up again the next time.
0
 

Author Closing Comment

by:rwottowa
ID: 39712315
Installing a 3rd party SSL certificate is the best way to go forward.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

671 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question