Outlook error The name on the certificate is invalid

When I open Outlook 2010 connected to a SBS server 2008 using Exchange 2007 the client gets an error " The name on the certificate is invalid or does not match the name of the site"
hanniemcleanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth SimmonsSr. Systems AdministratorCommented:
the name on the certificate has to match the site as it's published
if the mail server is configured for mail.acme.com then the certificate needs to include mail.acme.com else you will get that error
0
hanniemcleanAuthor Commented:
It does match. It is a self signed certificate and exchange is used internally only.
0
Seth SimmonsSr. Systems AdministratorCommented:
did this just start happening?  did something change?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

hanniemcleanAuthor Commented:
It just started to happen. The exchange Certificate is due to expire in December so it is still valid. I have 3 SBS servers of about the same vintage and all are doing the same thing. I am sure once I fix one the others will follow. How can I confirm that the mail server is configured for server.domain.local?
0
Seth SimmonsSr. Systems AdministratorCommented:
3 SBS servers?
you can only have 1 SBS server per forest
0
hanniemcleanAuthor Commented:
3 different clients. That didnt answer my last question...
0
Larry Struckmeyer MVPCommented:
If I had to guess this is a DNS problem at the root.  Maybe caused by not using the wizards to setup/maintain the SBS.  Please run the SBS BPA and the Fix My Network wizards and fix anything it/you find.

The below article may give further insight.

http://support.microsoft.com/kb/940726
0
Seth SimmonsSr. Systems AdministratorCommented:
so you have 3 different clients each with their own SBS server and all 3 suddenly experience the same invalid certificate error?

you said the certificate will expire in december
does that imply you are using the same certificate on each of the 3 servers?
your explanation of the environment is not clear and lacks detail
0
hanniemcleanAuthor Commented:
Thanks Larry. I will try the dns fix. I saw the kb article. I think it wont work because it is an sbs server and the paths may be different. I will report back.
Seth: They each are completely independent servers. The cert is self signed created with the original install. I only mentioned the 3 because I thought it might be an update or something expired. Sorry to confuse you.
0
hanniemcleanAuthor Commented:
So I ran the SBS BPA and discovered that server authentication Microsoft exchange certificate is expired. I am not able to renew it. I get an enrollment error.. No certificate template information
0
hanniemcleanAuthor Commented:
I have installed a Public SSL certificate. It works fine when using OWA but when the clients connect internally it still gives a certificate mismatch error. In the past I have been able to create the certificate and include the server name and the server.domain.local name in it. Since that is not the case any longer I am wondering how I can get it working with the public SSL.
0
Seth SimmonsSr. Systems AdministratorCommented:
do your URLs match the certificate?

Configure Exchange Services for the Autodiscover Service
http://technet.microsoft.com/en-us/library/bb201695%28v=exchg.141%29.aspx
0
hanniemcleanAuthor Commented:
The outlook error is saying that it is trying to connect to server.domain.local. The certificate is public for the .com domain.
0
Seth SimmonsSr. Systems AdministratorCommented:
do the URLs (autodiscover, OWA, etc.) match the certificate?
if the URLs are configured for .local then that would cause this
they need to be for .com

may also need split dns configured

Windows - Setting Up Split DNS
http://www.petenetlive.com/KB/Article/0000830.htm
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.