Autodiscover Exchange 2013 -- Turn off Connect to proxy servers that have this principal name in their certificate

Posted on 2013-11-11
Medium Priority
Last Modified: 2013-11-14

I am having issues with Exchange Server 2013. Autodiscover is checking the box (Only Connect To Proxy Servers That Have This Principal Name In Their Certificate). How can i disable this.

I have tried:
Set-OutlookProvider EXPR -CertPrincipalName none

but did not work.
Question by:harbz96
  • 2
  • 2
LVL 14

Expert Comment

ID: 39641343
You have to specify a principle name otherwise how with the cert work?
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39644516
What is the objective with wanting to disable the function?
If your SSL certificate is for host.example.com then fine. If it is for *.example.com then you can have problems, but usually only with Windows XP clients.

Outline the original issue, not what you believe is the fix.


Author Comment

ID: 39646125
Hi Simon.

Our certificate is for exchange.domain.com

But our proxy address is mail.domain.local

And it's looking for proxy address in certificate
LVL 14

Expert Comment

ID: 39647304
Your certificate must have exchange.domain.com listed as a subject alternative name (SAN) entry or be the principle name (the default name) if the default is something else but contains the san entry you can Set-OutlookProvider EXPR -CertPrincipalName exchange.domain.com
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 2000 total points
ID: 39647314
You need to reconfigure Exchange to use your public name everywhere. That includes changing the internal and external host name for OWA, ActiveSync, Outlook Anywhere etc. Use a split DNS system to ensure the name resolution goes the correct place.

There should be no reason to change the OutlookProvider value if you configure the host name in Outlook Anywhere correctly.

Internal server names are not allowed on SSL certificates that expire past November 2014, so the switch to split DNS using the external name needs to happen at some point, you may as well do so for a new implementation.


Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

What is the biggest problem in managing an exchange environment today? It is the lack of backups, disaster recovery (DR) plan, testing of the DR plan or believing that it won’t happen to us.
Here is a method which can be used to help resolve a "Content Index Failed" error on a Microsoft Exchange Server.
The video provides a quick and easy steps to migrate MBOX file to well known Outlook PST and Office 365. Besides this, it also supports and migrates more than 20 email clients of MBOX which include AppleMail, Opera, Thunderbird and SeaMonkey effortl…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question