asked on Exchange 2013 - Certificate Error
Hi - I have a 2013 exchange server with a different external name then the internal name. I bought a certificate with both names on it.
When I try to access internally I get a certificate error "the name on the security certificate is invalid or does not match the name of the site"
It was working fine before and I played around with some power shell commands now cant get it working again... :(
Does anyone have ideas on how to troubleshoot the issue?
When I try to access internally I get a certificate error "the name on the security certificate is invalid or does not match the name of the site"
It was working fine before and I played around with some power shell commands now cant get it working again... :(
Does anyone have ideas on how to troubleshoot the issue?
Exchange
Last Comment
Will Szymkowski
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
As stated your internal and external URL's for your virtual directories should be the same. Did you renew this certificate and re-import it into the CAS server? If you did then you will also need to use the Enable-ExchangeCertificate -Thumbprint xxxxxxxx -services "pop,imap,smtp,iis" command to ensure that you are using this cert for Exchange. This command also needs to be run on all of your CAS servers that hold the cert.
Also a good test is, on the client that is getting the error message, Open Outlook, chold ctrl+right click the Outlook icon in the system tray and select , Test Email Auto Configuration run the Autodiscover test and check the Results Tab to ensure that the virtual directories are correct.
Will.
Also a good test is, on the client that is getting the error message, Open Outlook, chold ctrl+right click the Outlook icon in the system tray and select , Test Email Auto Configuration run the Autodiscover test and check the Results Tab to ensure that the virtual directories are correct.
Will.
As already stated, the best practise is now considered to be that both the internal and external URLs are the same, with the external URL being used via a split DNS system.
It could be that you have enabled the wrong certificate or the wrong web site. I have seen HTTPS get bound to the backend site (which uses a self signed certificate) in the past, so you should check that. Check through EMS and get-exchangecertificate that your trusted certificate is still bound to IIS.
Simon.