Exchange 2010 OutLook anyhwere troubelshooting

Posted on 2013-09-16
Medium Priority
Last Modified: 2013-09-23
Hi Experts,

My situation is like below;

I have email servers hosted outside of my network: mydomain.com
I have internal win2k8 AD domain: mydomain.local
Exchange server 2010 deployed in a separate win2k8 server and "accepted domain" has been changed to: mydomain.com

Now email sending is fine, receiving using the POP configured in the Out Look Client.

From my internal network OutLook anywhere is connecting to the Exchange server and working any without issue.

I have created "A" record and pointed exchange.mydomain.com in to the Exchange server via 443. And I'm trying to connect OutLook Anywhere from a public network. It's detects the SLL certificate too (it's an expired self singed one by the win2k8 server) but not connecting.

What could be the reason ? Thanks a lot for your time !
Question by:Shakthi777
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39496603

Sounds like you enforce the use of SSL instead of allow the use of SSL. (which is best practice)

To ensure this policy:

In IIS Manager, select Default Web site or the Web site on which you're hosting your Outlook Web App virtual directories.
2. In the Web site Home pane, double-click SSL Settings in the IIS area.
3. In SSL Settings, select the Require SSL check box.

In your case you could try, allow SSL instead of require (meaning there must be a valid one in place)

LVL 63

Accepted Solution

Simon Butler (Sembee) earned 2000 total points
ID: 39496892
The self signed SSL certificate is not supported for use with Outlook Anywhere. Furthermore if the SSL certificate has expired then I would expect Outlook to fail to connect.
You need to use switch to a trusted valid SSL certificate before you test any further.


Expert Comment

ID: 39497323
First of all,

Self-signed certificate is only use of Internal purpose, even we can use it for external, but it is not trusted.

If you want to use activesync, then you need to purchase thirdparty TLS certificate, which is more secure over the network, as compare to self-signed.

Little bit info about Certificates:

Self-Signed certificate:

1. Self-signed certificate which we create using powershell command, encrypt strenght is ony 128 bits.
Self-signed certificate we have to install manually on the client machine.

Thirdparty certificate:

1. Thirdparty certificate which is trusted and encryption strenght is 128 to 2048 bits.

2. Thirdparty certificate does not requires to install manually, its inbuit with browser.

So, you need switch to thirdparty certificate and with all the service should be enable, especially IIS for ActiveSync.

Thank You!

Author Closing Comment

ID: 39515364
Tnx !

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The Windows Firewall provides an important layer of protection and a rich interface to configure it. Unfortunately, it lacks item level filtering. This article details my process of implementing firewall-as-code to reduce GPO bloat.
Outlook is not just an email client. It's a personal information manager that has great features. Sometimes you may confront serious problems which leave you helpless. For a novice user, troubleshooting the problem is not easy. I've listed top 10 ti…
The video provides a quick and easy steps to migrate MBOX file to well known Outlook PST and Office 365. Besides this, it also supports and migrates more than 20 email clients of MBOX which include AppleMail, Opera, Thunderbird and SeaMonkey effortl…
Through the video, you can check the migration process of Outlook PST file to PDF. Kernel for Outlook to PDF tool can convert Outlook emails with all attributes like Subject, To, From, Cc, Bcc and other folders such as Inbox, Outbox, Sent Items, Jun…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question