Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

the name on the security certificate is invalid

Posted on 2015-01-26
3
375 Views
Last Modified: 2015-02-03
Hi Guys,

We have installed a wildcard certificate. Unfortunately users in the company are still getting
" the name on the security certificate is invalid or does not match the name of the site"
The server name being displayed in the warning is 'exchange.domain.local'

I Configured a DNS split zone as the domain is " .local " 
Followed instructions from this link:
http://www.msexchange.org/articles-tutorials/exchange-server-2010/mobility-client-access/using-pinpoint-dns-zones-exchange-2010.html

I have checked the settings of the webservices URL, Autodiscover URL and OAB URL and they all are pointing to  mail.domain.com

I am able to successfully ping mail.domain.com internaly

Not sure if something is broken on the IIS .

Any advice would be appreciate it.

Let me know if you need more info.

cheers R2
0
Comment
Question by:R2_D2
3 Comments
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 250 total points
ID: 40571138
When you install a new cert on your exchange CAS server you need to make sure that you Enable the cert as well. Then removing the old cert as a cleanup measure.

Login to each one of your CAS servers and run the following command...
Get-ExchangeCertificate | ft

Enable-ExchangeCertificate -thumbprint xxxxxxxxxxxxxx -servcies "pop,imap,smtp,iis"

It will prompt you to change the new cert as the default press Y to accept.

Test it out and if it works then run
Remove-exchangecertificate -thumbprint xxxxxxxxxxxx

You have to enable the cert. Simply adding it to the server will not work.

Will
0
 
LVL 19

Accepted Solution

by:
R--R earned 250 total points
ID: 40571207
Check autodiscoveruri by running get-clientaccessserver | fl

Set-ClientAccessServer -Identity "server" -AutoDiscoverServiceInternalUri https://mail.domain.com/autodiscover/autodiscover.xml

Also check if the third party certificate is configured on IIS default web site and Exchange backend website.
0
 

Author Comment

by:R2_D2
ID: 40586655
Hi Guys,

All the settings were correct.
It turned out that problem was with users outlook profile, Just recreating the profile fixed the issue.

thank you for your help.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question