I've got a single Exchange 2013 server that I'm trying to configure. A very simple network: four DCs in two locations connected via VPN. Clients are using Outlook 2010 and OWA.
Originally, clients were able to connect to the Exchange server with Outlook without any problem; they would just see some certificate errors. Then I installed a publicly accessible certificate from RapidSSL to permit my OWA users to connect without seeing any nasty certificate errors. The certificate works just fine for the OWA users outside the local network.
However, now this certificate appears to be affecting local users as well. Users can no longer connect via Outlook. I cannot even use Outlook at all since it will not let me set it up. If I put in a hosts entry to point the external domain to the local Exchange server, I can get connectivity between Outlook and Exchange, but I still get many certificate errors. Without the hosts entry, I cannot configure Outlook, even if I put the IP address of the Exchange server or the hostname in the "Microsoft Exchange Server:" field.
I've tried to deploy the certificates via Group Policy, but I'm unsure if this is working correctly, or even if I've done it correctly.
Please take a look at the attachments.
Any help would be greatly appreciated.