Exchange 2010 with all SPs and RUs.
Most clients use OWA, using https://mail.eyecare.com/owa
(yes even internally)
Own a godaddy SSl certificate that covers eyecare.com, mail.eyecare.com, and autodiscover.eyecare.com. OWA users are covered under this.
GoDaddy will not cover our internal addresses any longer. I recently had to rekey our certificate and lost coverage of my .local addresses.
Internal: exchange.eyecare.local - I have a built-in Exchange certificate that does cover this internal address.
My OWA clients are fine - they do not get SSL errors because they are using mail.eyecare.com.
However, those that use Outlook 2010 are getting errors:
"The name on the security certificate is invalid or does not match the name of the site."
When you select "view certificate" on this error, it is pointing to the godaddy certificate for mail.eyecare.com.
When I configure Outlook 2010 to our server, it automatically inserts exchange.eyecare.local under mail server.
So, how do I tell Exchange to use the built-in exchange.eyecare.local certificate for the Outlook clients?