All,
Presently I am in the middle of upgrading to Exchange 2013 and I am having a few problems. The most annoying one is with internal and external DNS. We use an internal TLD, company.local; this was set up before I got here and generally is not worth the trouble to try and fix, as we have quite a large number of systems.
Anyway, because of changes in using internal names on public certificates, see link below, I cannot request a certificate from a public CA with company.local as a SAN.
GoDaddy
In light of this I decided to set up two Client Access servers, one public and one private. The private server would use an internal certificate from my internal CA. The public server would use a UCC certificate from GoDaddy with my public addresses for mail, owa, and autodiscover.
MX1.company.local = Client Access (Private)/Mailbox
MX2.company.local = Client Access (Public)
Now my Exchange 2013 test users (including myself) are getting errors saying the certificate for (MX2.company.local) is not valid. This is true, because they are connecting to the internal domain name. Also, we are constantly being prompted for our username and password. Frequently we type the correct combination and it comes up again.
I have attempted to remove all references to MX2.company.local from internal server virtual directories for mx2.company.local and point Outlook Anywhere on MX2 to MX1. So at present the internal virtual directories on MX2 are blank, only public directories are filled out, and MX1 only has internal directories. This still has not worked.
Please help, this is extremely painful.