• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 726
  • Last Modified:

Outlook 2010 and Exchange 2010 Autodiscover Error

Purchased a cert for our domain - "mail.domain.com", looks like I need one for "autodiscover.domain.com" is that correct? Created an 'A' record to resolve externally.

Second part - after installing the new cert, internally I am getting a certificate error when launching Outlook.  Configured a DNS entry internally - "autodiscover.domain.local"

Error = The name on the security certificate is invalid or does not match the name of the site.  Guessing bec the new cert is for "mail.domain.com"

Can I create a new one within Exchange to handle internal users and if so how or do I have to purchase a SAN cert?

2 Solutions
Patrick BogersDatacenter platform engineer LindowsCommented:
Hi Bill,

mail.domain.com is good and yes! it needs an a record in the DNS.

I believe you get a certificate error internally because you need to distribute the certificate to all clients through group policies and have it installed in the trusted authorities.
(test this by installing the certificate on one machine and connect)

Autodiscovery is an instrument that helps computers finding all necessary information about the exchange enviroment like, who is the exchange server. (imagine a new user opens Outlook for the first time and Outlook auto-configures by itself)
If you want to work with this mechanism you would need a SAN certicate which has all the names in it like mail.domain.com and autodiscover.domain.com but you could do without autodiscover.

Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
It is best practice to buy SAN certificates as HTH mentioned you could include things such as autodiscover, local server name (xyz@domain.local, etc.).
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now