Rouge Exchange 2010 Certificate

HI All, Please could any help me with this problem, i have inherited a site with a SBS2011 server which was migrated from a SBS2008 server by a previous service provider.

All pretty standard with a self signed certificate and all was working fine, Outlook autodiscover finds the server, no problems.

After about a week, some of the users get a Autodiscover certificate error pop up with certificate error, when i look at the certificate it has not relationship with the server or network or Exchange and expired in 2006 see the screen shots:

Screenshot 1

I have no idea where this certificate is or why its on the network, i cannot find it on the server, Exchange only shows the self signed certificate.

Please could somebody give me any suggestions as to how i can find this rouge certificate and remove it and restore the default Exchange 2010 Autodiscover Certificate details, ive run out of ideas here

Much appreciated
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
It is coming from your web host.
HSphere is a hosting tool.

The clients are trying to connect to the external web host for some reason.
You need to run an Outlook Autodiscover test to see what Outlook is trying to connect to.

As it is SBS 2011, I would suggest that you run the fix my network wizard to ensure that nothing is configured incorrectly. The clients shouldn't be connecting to an external host at all.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial

Let me know first, is that this * is using.

If you are not using that certificate, then remove it.

About this set as default, then add into trust

Go to mmc --- Add certificate --- import it in Trusted Root Certification Authorities, Intermediate certification Authorities and personal.

Restart MS Transport service for the changes to take effect.

KTM200Author Commented:
Hi Mohd_Shaikh,

The problem certificate is the *, the SBS2011 server has no record of this anywhere, the installed certificate is the self signed server certificate see below

Slef Signed Server Cert
The problem is that the computers arent using this certificate and rather looking at this * certificate
Simon Butler (Sembee)ConsultantCommented: is a South African ISP - so as I said, it is coming from the ISP/Hosting company.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.