Solved

Exchange 2013 OWA

Posted on 2015-01-16
4
632 Views
Last Modified: 2015-05-15
Hello,
Having a certificate issue with Exchange 2013 OWA

Time and date are correct on server
I get the following error:

Your connection is not private

Attackers might be trying to steal your information from mail.taeyangusa.com (for example, passwords, messages, or credit cards).

Back to safetyAdvanced
NET::ERR_CERT_AUTHORITY_INVALID

I have run the following commands in Exchange Power Shell
Any help is appreciated, Thanks !
$AutodiscoverHostName = "autodiscover.xxxxxx.com"

Get-ExchangeServer | Where {($_.AdminDisplayVersion -Like "Version 15*") -And ($_.ServerRole -Like "*ClientAccess*")} | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://$AutodiscoverHostName/Autodiscover/Autodiscover.xml
0
Comment
Question by:jac1991
4 Comments
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 40553467
1. Check from another client.
2. Check date and time on client.
3. Open Certificates plugin from mmc.exe for local computer on the client and check that it has the root certificate for the cert you are using.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40553849
Is this a trusted SSL certificate or are you still using the self signed one that Exchange generates?
If it is a trusted certificate, is it from a well known vendor?
If self signed, then you need to use a trusted certificate. The self signed certificate that Exchange creates is designed as a place holder only.

Simon.
0
 
LVL 6

Accepted Solution

by:
BurundiLapp earned 500 total points
ID: 40553867
The certificate error: ERR_CERT_AUTHORITY_INVALID  suggest that the Certificate Authority that issued your Exchange certificate does not exist (i.e: it is a self signed certificate), was created by a Trusted Certificate Authority but you do not have that Certificate Authorities root certificate installed in your browser or in Windows if using IE, OR it is from a Certificate Authority that has had it's root certificates revoked or the root certificate has expired.

The most likely of these being it is a self signed certificate generated by Exchange itself.  If you intend to use OWA over the internet then you need to get a certificate from a trusted certificate authority such as Thawte, Verisign, Globalsign, etc..., ensure you get a certificate suitable for Exchange use, a certificate just for website would not be sufficient I think.

Also try this in different browsers.  Chrome is not giving somewhat misleading errors about certificates that signed using SHA1, another browser will not give the same error.

HTH
0
 

Expert Comment

by:sly-kyorin
ID: 40779239
Or if you don't want to pay for one (which really you should) get a free certificate from somewhere like StartSSL, I've never had an issue using certs from them for SBS/Exchange.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2013 POP3 2 32
exchange, email gateway 2 32
Exchange 2010 and 2016 Coexistance 1 23
exchange, activesync 2 10
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question