Link to home
Start Free TrialLog in
Avatar of Sick_Puppy
Sick_Puppy

asked on

Exchange 2010 SSL Certificate errors

Good day ya all,

I have a question about Exchange 2010 SP1.  When I try to connect a client on RPC/HTTPS I keep getting a certificate error.  I have a self signed certificate from our own internal CA.

I can connect Phones and Tablets 100% working, but as soon as I try to connect any outlook client to run on RPC a get a error stating that the certificate is not trusted.

Now I now from looking around on the net that all white papers say that I have to install a third Party Trusted SSL certificate, but a SAN certificate is not cheap any more from my currency to Dollar, an my Director does not want to pay the money.

So my question is, is there any way to tell outlook or exchange to disgard certificate error and just connect to exchange anyway no matter what.  I dont care if its a secure connection on not, I just want outlook to connect.

I have setup my DNS Records, OWA is working from the outside.
ASKER CERTIFIED SOLUTION
Avatar of Simon Butler (Sembee)
Simon Butler (Sembee)
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Sick_Puppy
Sick_Puppy

ASKER

Hi Simon,
You are spot on,When browsing to OWA,I do get the SSL warbing page.  But my proplem is that Outlook does not connect at all,even if you accept the certificate error it then just gives a certificate name mismatch error and then disconnects.

The certificate that tou are talking about,is that the certificate on exchange or the one from the DC that I should import into the client machine?

Jaco
Outlook cannot cope with the certificate prompt, so that will stop Outlook Anywhere from connecting.

I am referring to the root certifcate on the Certificate Authority. I don't deploy CA for any clients (I always use commercial certificates) so I am not sure where you download it.

You don't want to download the server's own certificate.

Simon.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.