Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SBS Certificate name mismatch Exchange Server 2010

Posted on 2015-01-22
13
Medium Priority
?
137 Views
Last Modified: 2015-01-27
Hi,

I have just taken over a clients SBS 2011 server which was setup to use mail.domain.com as the primary format, they were having a lot of issues so many changes had to be made to put the server back to a typical SBS server deployment. All is now working on the standard remote.domain.com domain and a new SSL certificate has been purchased and applied.

All seems to be working well except when clients are accessing outlook it is showing a certificate warning for the old host name mail.domain.com and running the fix my network wizard does not seem to correct the old address with the new one of remote.domain.com.

Can someone tell me what commands I need to run to set it all back to the standard SBS deployment of remote.domain.com?
0
Comment
Question by:Tahir2008
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
13 Comments
 
LVL 27

Accepted Solution

by:
MAS earned 2000 total points
ID: 40565485
can you please post the error?
At the same time please check my article.
It may help
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40565540
Did you install the certificate through the SBS Console or did you do it manually through the Exchange Management Shell/Console? SBS is very wizard driven so it's always recommended to use the SBS Console when possible.

To add the SSL certificate using the Add a trusted certificate wizard in the SBS Console:
- In the SBS Console, click on Network
- Click on the Connectivity tab
- Click Add a trusted certificate on the right pane underneath Connectivity Tasks
- Click Next at the Before you begin window
- Select I want to replace existing certificate with a new one option then click Next
- Select I want to use a certificate that is already installed on the server then click Next
- Select the new SSL certificate from the list then click Next
- The wizard should then configure the SSL certificate in all the appropriate areas on your server

See this link for further information: https://technet.microsoft.com/en-us/library/cc546059.aspx
0
 
LVL 1

Author Comment

by:Tahir2008
ID: 40566114
The host name was changed using the SBS console and the SSL certificate was also installed using the SBS console. I think the previous IT guy may have made manual changes to the system rather than using the wizards hence why the domain being used was mail.domain.com instead of the standard SBS hostname of remote.domain.com.

The error that is presented is a certificate mismatch notice similar to this:
http://blogs.technet.com/blogfiles/sbs/WindowsLiveWriter/TroubleshootingCertificateMismatchWarnin_DEDC/clip_image004_thumb.jpg

But instead the hostname it is showing is the old address mail.domain.com not the new one which should be remote.domain.com with the correct SSL certificate which has been installed also for remote.domain.com

So all I need to know is what commands need to be entered to restore the settings to use remote.domain.com
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 27

Expert Comment

by:MAS
ID: 40568868
The above error is autodiscover error. Check the URL settings on Exchange by the below command.
Get-clientAccessServer | fl Name,AutoDiscoverServiceInternalUri

Open in new window

Please set the autodiscover using the below command (which is copied from my article above)
Set-ClientAccessServer -Identity server1 -AutoDiscoverServiceInternalUri "https://commonname.domain.com/autodiscover/autodiscover.xml"

Open in new window

Ensure you can resolve your common name internally (Which is explained in my article)
0
 
LVL 1

Author Comment

by:Tahir2008
ID: 40569089
Hi,

That seems to have resolved the issue with the Outlook certificate mismatch, thanks so much for that, but there are a few other directories which still point to the old location of mail.domain.com instead of the new remote.domain.com:

- WebServicesVirtualDirectory
  EWS
 ews
OAB

Do you know the commands to check and reset these to the new remote.domain.com address format as well please? I would like to ensure all of the areas which may have been assigned mail.domain.com are changed so that if that host record is deleted nothing is affected?

Thanks.
0
 
LVL 1

Author Comment

by:Tahir2008
ID: 40569096
Thanks MAS, found the info in the article and have used the following commands to reset from mail.domain.com to the SBS default of remote.domain.com

Set-ClientAccessServer -Identity SERVERNAME -AutoDiscoverServiceInternalUri "https://remote.domain.com/autodiscover/autodiscover.xml"

Set-OabVirtualDirectory -Identity "SERVERNAME\oab (default web site)" -InternalUrl https://remote.domain.com/oab -ExternalUrl https://remote.domain.com/oab

set-WebservicesVirtualDirectory -Identity "SERVERNAME\EWS (default web site)" -InternalUrl https://remote.domain.com/EWS/Exchange.asmx  -ExternalUrl https://remote.domain.com/ews/Exchange.asmx

Will just wait to see if the issue has now been resolved and will get back to you shortly.
0
 
LVL 1

Author Comment

by:Tahir2008
ID: 40569100
Seems my clients Outlook is still showing mail.domain.com certificate error, when running the test configuration all looks well but then selecting the log option shows:

Guessmart IMAP mail.domain.com
Guessmart IMAP imap.domain.com
Guessmart POP mail.domain.com
Guessmart POP pop.domain.com

Is it possible to change the mail.domain.com also for these to remote.domain.com or add this as an entry?
0
 
LVL 1

Author Comment

by:Tahir2008
ID: 40569114
I have rebooted the server and I think for now that seems to have stopped the certificate mismatch from occurring so I will go ahead and close this case as resolved and check back if the issue is still unresolved. Thanks for the help MAS.
0
 
LVL 1

Author Comment

by:Tahir2008
ID: 40569116
Spot on advice and link back to article which allowed me to fix the remaining issues.
0
 
LVL 27

Expert Comment

by:MAS
ID: 40569138
Hi Tahir,
Thanks for the points.
You are supposed to accept the first comment as answer as it will  award my article.  All these command I copied from my article.
if you dont mind please do it.
0
 
LVL 1

Author Comment

by:Tahir2008
ID: 40569149
Not sure how to change the accepted answer.
0
 
LVL 27

Expert Comment

by:MAS
ID: 40569213
click "Request attention" and request to open the question for you.
Admin will open the question for you.
0
 
LVL 1

Author Closing Comment

by:Tahir2008
ID: 40572667
Perfect response and fixed the issue as expected.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the event you manage a Small Business Server 2003, and you are audited for PCI compliance, there are several changes you must make in order to pass the audit. I can take no credit for discovering any of these fixes or workarounds, but there is no…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question