Solved

Exchange 2013 Security Certificate

Posted on 2014-10-29
3
146 Views
Last Modified: 2014-11-03
I am testing a new deployment of Exchange 2013.  I have a new domain name purchased, and licensed from godaddy, have already made all of the DNS forwarding changes and MX pointers.  I have email working on the server. Our domain is set as l*********p.net . This is our external, public domain.  Our internal, private domain is just set as *example.com.  This was setup before I ever even came on board years ago.

I have purchased a multi domain security certificate for our public domain, but this is where the issue comes into play.  When I enable that certificate, I can access our Exchange server from the web-portal both internally and externally just fine, everything works as it is supposed to, EXCEPT for Outlook. If I try and add the Exchange account to Outlook (2013) it gives error codes that the Security Certificate does not match, as it is looking at the local name of the Exchange Server itself (dc4.example.com).  The issue here is that I cannot purchase the *example.com domain as it is owned by someone else.  This has not been an issue in the past, since we never needed to have a public facing domain before.  Well, since we don't 'technically' own the rights to the public *example.com domain, I cannot get a third party certified certificate with that domain name in it. I can create a self-certified certificate through Exchange, that includes the domain, but then every web browser throws up security warnings every time you try to connect both internally and externally.

What is the best practice here to make both ends meet?
0
Comment
Question by:Brendon Gaige
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 29

Accepted Solution

by:
becraig earned 500 total points
ID: 40411183
All you need to do here is to set autodiscover internaluri to match your external url.

Here is a really simple step by step on how to get this working (Step 7):
http://www.mustbegeek.com/configure-external-and-internal-url-in-exchange-2013/
0
 

Assisted Solution

by:Brendon Gaige
Brendon Gaige earned 0 total points
ID: 40411277
Thank you, actually the step I was missing was step 6, in changing the Outlook Anywhere address, it was still pointed at the servers local domain name, instead of the public address (which I already have SNAMES for in our DNS).  Now it is working like a champ once I reset the certificates.  Thank you very much for that link!
0
 

Author Closing Comment

by:Brendon Gaige
ID: 40419019
Actual suggestion was not where the issue was occurring, but provided link did involve the correction necessary to fix the issue.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Changing a few Outlook Options can help keep you organized!
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
how to add IIS SMTP to handle application/Scanner relays into office 365.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question