Exchange 2013 SP1, Outlook Certificate Error after removing local SAN names from SSL Certificate.
Posted on 2014-04-12
I recently had to renew our UC SSL Certificate, and now obviously you can't include internal non FQDN domains such as .local. So I remeoved the .local internal SANs from the certificate and changed the virtual directories to use the external FQDN address for both internal and external access, as well as Outlook Anywhere. This has worked, but I now get a certificate error saying that the name is invalid or does not match the certificate.
I'm obvioulsy missing some setting or name. My server is Exchange2013.localdomain and the external name is mail.fddomain.com. Apart from the virtual directories, Outlook Anywhere and the Autodiscover Url (all of which have the external url), what else needs to be set to avoid the certificate error.
My Certificate has Autodiscover.fddomain.com, mail.fddomain.com, fddomain.com in the SANs, so it sould all be ok. But, somewhere Exchange2013.localdomain is being referenced and I can't think where.
Any pointer will be very much appriciated!
I am running Exchange 2013 SP1 on Windows 2012 STD and Outlook 2013 clients.