Avatar of PramoIT
PramoITFlag for Netherlands asked on

Certificate error outlook 2013 with exchange 2010

Hi,

We keep getting certificate erros in outlook 2013. We have an exchange 2010 server. We have a certificate for the server for external use. That is exchange.domain.nl the server internal name is he1.domein.local

Outlook 2013 is used on a terminal server.

When using outlook, it keeps giving the warning that the name on the certifcate doesnt match the name of the server he1.domain.local

How can i get rid of this warning?

All help is welcome, thanks.
Windows Server 2008ExchangeMicrosoft IIS Web Server

Avatar of undefined
Last Comment
PramoIT

8/22/2022 - Mon
jerseysam

You may need to create a new CSR and then request a new SSL Certificate using the correct FQDN
ASKER
PramoIT

But what about the users who externally connect to the exchange server. Then they will get an error, right?
raypedong

Hi, did you use an external 3rd party Certificate Authority? if yes you need to generate a new CSR then request a new SSL certificate from the 3rd party CA with the correct FQDN  exchange.domain.nl.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER
PramoIT

Hi,

I already have an external 3d party certificate for the exchange.domain.nl name. That works fine. The problem is that the internal outlook 2013 clients on the terminal server keep warning about the fact that the internal name he1.domain.local doesn't match the name in the certificate exchange.domain.nl
ASKER
PramoIT

Hi,

Is it possible to let exchange 2010 use multiple certificates?

OR

Is it possible to let the internal outlook clients connect via the external name exchange.domain.nl

Thanks.
R--R

You can try this from www.cohesivelogic.com for a single name SSL certificate or else add a internal FQDN to existing certificate OR create a new CSR.

http://www.cohesivelogic.com/2011/01/exchange-2010-single-name-ssl-certificates/
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
jerseysam

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
raypedong

Hi, you can also configure your email client to use autodiscover that will point to your public exchange server.
Simon Butler (Sembee)

You cannot get a certificate with your internal name on it.

Therefore a new certificate isn't going to help. There is no need to get a new certificate.
You just need to configure the internal DNS to use the external name everywhere.

http://semb.ee/hostnames

Simon.
Gary Coltharp

Agree with Sembee2, this is an internal DNS issue. You need an implicit zone for the public record pointing to the internal IP.

HTH
Gary
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
ASKER
PramoIT

Hi,

I've purchased a multidomain certificate and now all works fine.