Solved

Outlook Error: "The name of the security certificate is invalid or does not match the name of the site."

Posted on 2013-11-13
7
1,169 Views
Last Modified: 2013-11-20
We set up a new server SBS 2011 Exchange 2010. I have the SSL cert installed but the users are getting this error or pop up in Outlook: "The name of the security certificate is invalid or does not match the name of the site." They can hit Yes or even install the certificate and it will work but every time they login it gives this pop up.  I found this site with a possible solution but I'm not very familiar with the Exchange shell commands and don't want to mess anything up do you think these commands are the solution?

STEP 1:

Exchange 2010 and SBS 2011
(Change the values in red where “EXCHANGE-MAIL” is your internal server name and “mail.publicdomain.co.uk“ is your external server name)

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” –InternalUrl https://mail.publicdomain.co.uk/EWS/Exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\OAB (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/OAB

Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE-MAIL\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/Microsoft-Server-Activesync

If you plan to use Outlook Anywhere, execute the following command for Exchange 2010 and SBS 2011.

Set-WebServicesVirtualDirectory –Identity ‘EXCHANGE-MAIL\EWS (Default Web Site)’ –ExternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

http://www.topitproviders.net/index.php/2013/06/19/outlook-error-the-name-of-the-security-certificate-is-invalid-or-does-not-match-the-name-of-the-site/
0
Comment
Question by:Axis52401
7 Comments
 
LVL 8

Expert Comment

by:I Qasmi
ID: 39644975
It seems that the virtual directory for OWA , Activesync , EWS , OAB are not correctly set
if that is the reason you need to run these commands and configure the correct path and after that restart the server for the changes to take effect correctly.

Also you can check the event viewer for MSExchange Transport event : 12015 , 10214 , 12016 etc for the certificate errors issues .

take the thumbprint of the certificate you are experiencing errors

also the FQDN for which it is giving errors.

or go to Exchange powershell and enter the command

Get-ExchangeCertificate | fl - Enter

all certificates will be listed

There you can check with thumbprint which certificate is assigned to which FQDN.

Refer my answers in EE :http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_28068630.html
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39645086
Why are you changing the configuration manually?
As this is an SBS server, running the wizards will configure everything for you - no need to run PowerShell commands. What you have now is a confused server.

Run the wizards in the SBS management console to configure the server. If you have an SSL certificate for mail.example.com then you will have to do a custom configuration in the wizard, as it prefers remote.example.com.

Once you have run the configuration wizards, use the install SSL certificate wizard to enable the SSL certificate you have and the errors will go away.

Simon.
0
 
LVL 4

Expert Comment

by:Satish Auti
ID: 39645163
I agree with Semee, there is no need to manual intervention. Run network wizard to configure the certificate.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 2

Author Comment

by:Axis52401
ID: 39645484
I already imported the SSL into exchange. I haven't run any of these commands yet. Are you saying I can use some wizard to fix the problem?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39645497
You need to run the SBS wizards, which includes the SSL wizard. It will not overwrite your trusted SSL certificate.

The key with SBS is to complete all of the wizards before you start manual modifications. That is how SBS is designed to work. If you don't then you will find things don't work exactly as expected, not just with Exchange, but others parts of SBS.

Simon.
0
 
LVL 2

Author Comment

by:Axis52401
ID: 39645613
Can you tell me how to start this wizard? Is it under program files is it a command line exe?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39647303
The wizards are in the SBS management console.
On the Home tab, under Getting Started. There are five, under the section Connect to the Internet.

Simon.
0

Featured Post

Being driven mad by email signature updates?

Having to make a change to your users’ email signatures, yet again? Feel like your head is going to explode? Rely on an Exclaimer email signature management solution to make the process simple!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now