• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 435
  • Last Modified:

the name on the security certificate is invalid

Hi Guys,

We have installed a wildcard certificate. Unfortunately users in the company are still getting
" the name on the security certificate is invalid or does not match the name of the site"
The server name being displayed in the warning is 'exchange.domain.local'

I Configured a DNS split zone as the domain is " .local " 
Followed instructions from this link:

I have checked the settings of the webservices URL, Autodiscover URL and OAB URL and they all are pointing to  mail.domain.com

I am able to successfully ping mail.domain.com internaly

Not sure if something is broken on the IIS .

Any advice would be appreciate it.

Let me know if you need more info.

cheers R2
2 Solutions
Will SzymkowskiSenior Solution ArchitectCommented:
When you install a new cert on your exchange CAS server you need to make sure that you Enable the cert as well. Then removing the old cert as a cleanup measure.

Login to each one of your CAS servers and run the following command...
Get-ExchangeCertificate | ft

Enable-ExchangeCertificate -thumbprint xxxxxxxxxxxxxx -servcies "pop,imap,smtp,iis"

It will prompt you to change the new cert as the default press Y to accept.

Test it out and if it works then run
Remove-exchangecertificate -thumbprint xxxxxxxxxxxx

You have to enable the cert. Simply adding it to the server will not work.

Check autodiscoveruri by running get-clientaccessserver | fl

Set-ClientAccessServer -Identity "server" -AutoDiscoverServiceInternalUri https://mail.domain.com/autodiscover/autodiscover.xml

Also check if the third party certificate is configured on IIS default web site and Exchange backend website.
R2_D2Author Commented:
Hi Guys,

All the settings were correct.
It turned out that problem was with users outlook profile, Just recreating the profile fixed the issue.

thank you for your help.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now