Solved

Outlook error The name on the certificate is invalid

Posted on 2014-09-07
14
97 Views
Last Modified: 2014-11-21
When I open Outlook 2010 connected to a SBS server 2008 using Exchange 2007 the client gets an error " The name on the certificate is invalid or does not match the name of the site"
0
Comment
Question by:hanniemclean
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40308677
the name on the certificate has to match the site as it's published
if the mail server is configured for mail.acme.com then the certificate needs to include mail.acme.com else you will get that error
0
 

Author Comment

by:hanniemclean
ID: 40308703
It does match. It is a self signed certificate and exchange is used internally only.
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40308710
did this just start happening?  did something change?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:hanniemclean
ID: 40308732
It just started to happen. The exchange Certificate is due to expire in December so it is still valid. I have 3 SBS servers of about the same vintage and all are doing the same thing. I am sure once I fix one the others will follow. How can I confirm that the mail server is configured for server.domain.local?
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40308742
3 SBS servers?
you can only have 1 SBS server per forest
0
 

Author Comment

by:hanniemclean
ID: 40308758
3 different clients. That didnt answer my last question...
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 40309151
If I had to guess this is a DNS problem at the root.  Maybe caused by not using the wizards to setup/maintain the SBS.  Please run the SBS BPA and the Fix My Network wizards and fix anything it/you find.

The below article may give further insight.

http://support.microsoft.com/kb/940726
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40309200
so you have 3 different clients each with their own SBS server and all 3 suddenly experience the same invalid certificate error?

you said the certificate will expire in december
does that imply you are using the same certificate on each of the 3 servers?
your explanation of the environment is not clear and lacks detail
0
 

Author Comment

by:hanniemclean
ID: 40309647
Thanks Larry. I will try the dns fix. I saw the kb article. I think it wont work because it is an sbs server and the paths may be different. I will report back.
Seth: They each are completely independent servers. The cert is self signed created with the original install. I only mentioned the 3 because I thought it might be an update or something expired. Sorry to confuse you.
0
 

Author Comment

by:hanniemclean
ID: 40338259
So I ran the SBS BPA and discovered that server authentication Microsoft exchange certificate is expired. I am not able to renew it. I get an enrollment error.. No certificate template information
0
 

Author Comment

by:hanniemclean
ID: 40392912
I have installed a Public SSL certificate. It works fine when using OWA but when the clients connect internally it still gives a certificate mismatch error. In the past I have been able to create the certificate and include the server name and the server.domain.local name in it. Since that is not the case any longer I am wondering how I can get it working with the public SSL.
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40392926
do your URLs match the certificate?

Configure Exchange Services for the Autodiscover Service
http://technet.microsoft.com/en-us/library/bb201695%28v=exchg.141%29.aspx
0
 

Author Comment

by:hanniemclean
ID: 40392933
The outlook error is saying that it is trying to connect to server.domain.local. The certificate is public for the .com domain.
0
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 500 total points
ID: 40392969
do the URLs (autodiscover, OWA, etc.) match the certificate?
if the URLs are configured for .local then that would cause this
they need to be for .com

may also need split dns configured

Windows - Setting Up Split DNS
http://www.petenetlive.com/KB/Article/0000830.htm
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video discusses moving either the default database or any database to a new volume.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question