SSL Certificate Security Alert
Main office running SBS2011
I setup 3 new Windows 7 Prof. 64 bit machines and install Office Prof. 2013
Setup Outlook 2013 to use our Exchange server 2010 which runs on our Small Business server 2011.
I then moved these computers to our second office out of town
The second office and our main office is connected with VPN router to router
the router on the second office points to the main office for DNS this way my users can use mapped drives on the server in the main office.
It's been running fine for a couple months but now the three computers at the second office keeps getting the SSL security alert when they open up Outlook 2013
I tried to resolve at the user end by selecting "View Certificate.
Any suggestions are appriocated
I setup 3 new Windows 7 Prof. 64 bit machines and install Office Prof. 2013
Setup Outlook 2013 to use our Exchange server 2010 which runs on our Small Business server 2011.
I then moved these computers to our second office out of town
The second office and our main office is connected with VPN router to router
the router on the second office points to the main office for DNS this way my users can use mapped drives on the server in the main office.
It's been running fine for a couple months but now the three computers at the second office keeps getting the SSL security alert when they open up Outlook 2013
I tried to resolve at the user end by selecting "View Certificate.
Any suggestions are appriocated
mmicha
Can you be more descriptive in terms of the error or warning you are receiving from those stations?
ASKER
mmicha
I uploaded a pic of the SSL security screen we are getting
I uploaded a pic of the SSL security screen we are getting
What happens when you do a traceroute from the second site to autodiscover.ksninc.com?
If you have a VPN between sites you may be using the internal name for the Exchange Server and not the external name which would cause the certificate warning. I'm not sure if your internal domain is ksninc.com or something ending in like .local / .internal.
If you have a VPN between sites you may be using the internal name for the Exchange Server and not the external name which would cause the certificate warning. I'm not sure if your internal domain is ksninc.com or something ending in like .local / .internal.
ASKER
Outlook us using server name.domain.ksninc.pvt
If I ping ksninc.com it gives me the internal
Address 192.168.1.26
The main off is in 192.168.1.0
Second office is 192.168.4.0
And the firewall in the second offices calls out 192.168.1.26 for DNS
If I ping ksninc.com it gives me the internal
Address 192.168.1.26
The main off is in 192.168.1.0
Second office is 192.168.4.0
And the firewall in the second offices calls out 192.168.1.26 for DNS
I believe because internally you are connecting to the *.pvt domain for the mail server and it isn't on the certificate is creating the problem.
I'd be curious if you added in your hosts file on one of those remote pc's if you'd still get the error:
autodiscover.ksninc.com 192.168.1.x (your exchange server address)
I'd be curious if you added in your hosts file on one of those remote pc's if you'd still get the error:
autodiscover.ksninc.com 192.168.1.x (your exchange server address)
ASKER
so edit the local host file and add
autodiscover.ksninc.com 192.168.1.26 .26 is the Exchange server
correct?
autodiscover.ksninc.com 192.168.1.26 .26 is the Exchange server
correct?
Yes. I'm curious if you get the warning when that is in place.
ASKER
Does this look correct?
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
192.168.1.26 ksninc.com
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
192.168.1.26 ksninc.com
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I added
192.168.1.26 autodiscover.ksninc.com and it seems to be ok now
Thanks I'll give it a day to make sure
192.168.1.26 autodiscover.ksninc.com and it seems to be ok now
Thanks I'll give it a day to make sure
ASKER
Autodiscover worked