Exchange 2013 - Certificate Error

Hi - I have a 2013 exchange server with a different external name then the internal name. I bought a certificate with both names on it.

When I try to access internally I get a certificate error "the name on the security certificate is invalid or does not match the name of the site"

It was working fine before and I played around with some power shell commands now cant get it working again... :(

Does anyone have ideas on how to troubleshoot the issue?
doctor069Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

becraigCommented:
The usual documented fix for this has been to update the internal urls to be the same as the external urls.

If you know the commands you used that would help to know what action to reverse without too much poking around in the dark.

Here is a full and clear tutorial on troubleshooting this issue:
http://www.msexchange.org/articles-tutorials/exchange-server-2013/management-administration/managing-certificates-exchange-server-2013-part4.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Simon Butler (Sembee)ConsultantCommented:
I would just go through the settings to make the changes for the SSL certificate.
As already stated, the best practise is now considered to be that both the internal and external URLs are the same, with the external URL being used via a split DNS system.
It could be that you have enabled the wrong certificate or the wrong web site. I have seen HTTPS get bound to the backend site (which uses a self signed certificate) in the past, so you should check that. Check through EMS and get-exchangecertificate that your trusted certificate is still bound to IIS.

Simon.
0
Will SzymkowskiSenior Solution ArchitectCommented:
As stated your internal and external URL's for your virtual directories should be the same. Did you renew this certificate and re-import it into the CAS server? If you did then you will also need to use the Enable-ExchangeCertificate -Thumbprint xxxxxxxx -services "pop,imap,smtp,iis" command to ensure that you are using this cert for Exchange. This command also needs to be run on all of your CAS servers that hold the cert.

Also a good test is, on the client that is getting the error message, Open Outlook, chold ctrl+right click the Outlook icon in the system tray and select , Test Email Auto Configuration run the Autodiscover test and check the Results Tab to ensure that the virtual directories are correct.

Will.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.