Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Outlook pulling certificate from our website.

Posted on 2014-12-29
4
Medium Priority
?
153 Views
Last Modified: 2014-12-30
Hello Experts,

We recently migrated our Exchange 2013 server to Office365 Exchange Online.  Outlook was popping up a cert warning for all users advising that the certificate was expired.  The local cert from the Exchange server we migrated from really was expired; however, the popups continued even after we migrated to Exchange Online.  On a hunch, I replaced the certificate used on our website (even though we don't use https) and the popups ceased for most of our users except two who still get the popup ever time they open Outlook 2013 or 2010.  I've run an ExRCA test and verified the expired cert is not shown during an Autodiscover test.  I've never seen anything like this.  

Side note - Our Autodiscover DNS record is a CNAME pointing to autodiscover.outlook.com.
0
Comment
Question by:terminalb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 1000 total points
ID: 40522997
Prior to Outlook clients going to the autodiscover record they will attempt to resolve to just yourdomain.com. Make sure your hosting provider does not have a wildcard or catchall record that is redirecting everything (including misspellings) to your WWW website for example. Normally I think those are a * or @ type record in most providers.
0
 
LVL 12

Expert Comment

by:Md. Mojahid
ID: 40523181
This sounds like Autodiscover issues.
If you browse to https://example.com then you should get an SSL prompt of some description. That will allow you to see the SSL certificate and possibly where it is coming from.
You should also check where the host name resolves to.

If it is happening from outside the network then it will be Autodiscover and it will be because there is an SSL certificate on the public web site. Autodiscover queries a number of URLs, one of which is the root of the domain.

This is further complicated by some hosting control panels having Autodiscover support for their own purposes, to the URL that Outlook is querying is actually valid. If that is the case then you will need to speak to your hosting company to get them to block it.

You can see what Autodiscover is doing via the Microsoft test site at the link above, or through Outlook itself. http://semb.ee/adt
0
 
LVL 5

Expert Comment

by:Hello World
ID: 40523312
Would you please to doule check the SAN for certificate?
meanwhile try to re-receate a Outlook profile for testing.
0
 
LVL 43

Accepted Solution

by:
Vasil Michev (MVP) earned 1000 total points
ID: 40523354
To add to what other experts have said above, you can simply 'force' Outlook to bypass local autodiscovery by using the registry keys mentioned in this article: http://support.microsoft.com/kb/2212902

CNAME (HTTP redirect method) is the only thing you need for EO.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New style of hardware planning for Microsoft Exchange server.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question