Solved

Secure Certificate for Exchange Problem

Posted on 2014-02-05
3
292 Views
Last Modified: 2014-02-05
I have an external domain aaa.org and our internal network is zzz.net.  Users accessing email using mail.aaa.org/owa from outside our network have no problem.  However, users on our internal network connecting to email through outlook 2010 to server.zzz.net running Exchange 2010 get an error saying:
_____________________________________________________________________________________________
server.zzz.net

The name on the security certificate is invalid or does not match the name of the site.
_____________________________________________________________________________________________

This error occurs because the domain zzz.net is not on the certificate.  We can't include the domain zzz.net on the certificate because the network is internal and is not registered with whois.

Can you tell me the best way to configure this server so that users on the internal network do not get this certificate error?  I'd rather not go with a split DNS zone if at all possible, as that raises other issues.

Thanks in advance for your help.
0
Comment
Question by:Stolzman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39836577
All you need to do is run the following Exchange Management Shell commands to change the internal URL pointers to the External URL that is included in the SSL Certificate:

Set-AutodiscoverVirtualDirectory -Identity * –internalurl “https://mail.aaa.org/autodiscover/autodiscover.xml”
Set-ClientAccessServer –Identity * –AutodiscoverServiceInternalUri “https://mail.aaa.org/autodiscover/autodiscover.xml”
Set-webservicesvirtualdirectory –Identity * –internalurl “https://mail.aaa.org/EWS/Exchange.asmx”
Set-oabvirtualdirectory –Identity * –internalurl “https://mail.aaa.org/oab”
Set-owavirtualdirectory –Identity * –internalurl “https://mail.aaa.org/owa”
Set-ecpvirtualdirectory –Identity * –internalurl “https://mail.aaa.org/ecp”
Set-ActiveSyncVirtualDirectory -Identity * -InternalUrl "https://mail.aaa.org/Microsoft-Server-ActiveSync

(Obviously replace the aaa.org part with your real domain name and then the error will go away).

Alan
0
 
LVL 1

Author Closing Comment

by:Stolzman
ID: 39837518
Yup, that stopped the error messages.  Thanks so much for the extremely quick and accurate response.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39837634
You're welcome.  Glad it fixed the messages for you.

Alan
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question