I recently renewed SBS2011 self signed certificate with sbs console "fix my network". Everthing was ok until i replaced certificate with a trusted (entrust) certificate. I made the CSR for entrust from IIS and then imported it to Exchange and assigned all services to it.
Outside lan I can connect to iis remote.contoso.com and there is the trusted certificate. Inside lan outlook cannot connect, because it finds only old self signed certificate that was used before i renewed it. Same thing when from lan i connect to remote.contoso.com/owa there is also the old certificate.
I have tried with sbs console to change the certificate, but it always changes it for wan side of IIS. From exchange2010 console i have taken away this old certificate and still webmail and outlook from lan find old certificate. Autodiscover has srv record and pointing to remote.contoso.com
Any good ideas?