Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Secure Certificate for Exchange Problem

Posted on 2014-02-05
3
Medium Priority
?
294 Views
Last Modified: 2014-02-05
I have an external domain aaa.org and our internal network is zzz.net.  Users accessing email using mail.aaa.org/owa from outside our network have no problem.  However, users on our internal network connecting to email through outlook 2010 to server.zzz.net running Exchange 2010 get an error saying:
_____________________________________________________________________________________________
server.zzz.net

The name on the security certificate is invalid or does not match the name of the site.
_____________________________________________________________________________________________

This error occurs because the domain zzz.net is not on the certificate.  We can't include the domain zzz.net on the certificate because the network is internal and is not registered with whois.

Can you tell me the best way to configure this server so that users on the internal network do not get this certificate error?  I'd rather not go with a split DNS zone if at all possible, as that raises other issues.

Thanks in advance for your help.
0
Comment
Question by:Stolzman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 39836577
All you need to do is run the following Exchange Management Shell commands to change the internal URL pointers to the External URL that is included in the SSL Certificate:

Set-AutodiscoverVirtualDirectory -Identity * –internalurl “https://mail.aaa.org/autodiscover/autodiscover.xml”
Set-ClientAccessServer –Identity * –AutodiscoverServiceInternalUri “https://mail.aaa.org/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory –Identity * –internalurl “https://mail.aaa.org/EWS/Exchange.asmx”
Set-oabvirtualdirectory –Identity * –internalurl “https://mail.aaa.org/oab”
Set-owavirtualdirectory –Identity * –internalurl “https://mail.aaa.org/owa”
Set-ecpvirtualdirectory –Identity * –internalurl “https://mail.aaa.org/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://mail.aaa.org/Microsoft-Server-ActiveSync

(Obviously replace the aaa.org part with your real domain name and then the error will go away).

Alan
0
 
LVL 1

Author Closing Comment

by:Stolzman
ID: 39837518
Yup, that stopped the error messages.  Thanks so much for the extremely quick and accurate response.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39837634
You're welcome.  Glad it fixed the messages for you.

Alan
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question