Solved

the name on the security certificate is invalid

Posted on 2015-01-26
3
370 Views
Last Modified: 2015-02-03
Hi Guys,

We have installed a wildcard certificate. Unfortunately users in the company are still getting
" the name on the security certificate is invalid or does not match the name of the site"
The server name being displayed in the warning is 'exchange.domain.local'

I Configured a DNS split zone as the domain is " .local " 
Followed instructions from this link:
http://www.msexchange.org/articles-tutorials/exchange-server-2010/mobility-client-access/using-pinpoint-dns-zones-exchange-2010.html

I have checked the settings of the webservices URL, Autodiscover URL and OAB URL and they all are pointing to  mail.domain.com

I am able to successfully ping mail.domain.com internaly

Not sure if something is broken on the IIS .

Any advice would be appreciate it.

Let me know if you need more info.

cheers R2
0
Comment
Question by:R2_D2
3 Comments
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 250 total points
ID: 40571138
When you install a new cert on your exchange CAS server you need to make sure that you Enable the cert as well. Then removing the old cert as a cleanup measure.

Login to each one of your CAS servers and run the following command...
Get-ExchangeCertificate | ft

Enable-ExchangeCertificate -thumbprint xxxxxxxxxxxxxx -servcies "pop,imap,smtp,iis"

It will prompt you to change the new cert as the default press Y to accept.

Test it out and if it works then run
Remove-exchangecertificate -thumbprint xxxxxxxxxxxx

You have to enable the cert. Simply adding it to the server will not work.

Will
0
 
LVL 19

Accepted Solution

by:
R--R earned 250 total points
ID: 40571207
Check autodiscoveruri by running get-clientaccessserver | fl

Set-ClientAccessServer -Identity "server" -AutoDiscoverServiceInternalUri https://mail.domain.com/autodiscover/autodiscover.xml

Also check if the third party certificate is configured on IIS default web site and Exchange backend website.
0
 

Author Comment

by:R2_D2
ID: 40586655
Hi Guys,

All the settings were correct.
It turned out that problem was with users outlook profile, Just recreating the profile fixed the issue.

thank you for your help.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now