Exchange 2013 - Certificate Error

Hi - I have a 2013 exchange server with a different external name then the internal name. I bought a certificate with both names on it.

When I try to access internally I get a certificate error "the name on the security certificate is invalid or does not match the name of the site"

It was working fine before and I played around with some power shell commands now cant get it working again... :(

Does anyone have ideas on how to troubleshoot the issue?
doctor069Asked:
Who is Participating?
 
becraigCommented:
The usual documented fix for this has been to update the internal urls to be the same as the external urls.

If you know the commands you used that would help to know what action to reverse without too much poking around in the dark.

Here is a full and clear tutorial on troubleshooting this issue:
http://www.msexchange.org/articles-tutorials/exchange-server-2013/management-administration/managing-certificates-exchange-server-2013-part4.html
0
 
Simon Butler (Sembee)ConsultantCommented:
I would just go through the settings to make the changes for the SSL certificate.
As already stated, the best practise is now considered to be that both the internal and external URLs are the same, with the external URL being used via a split DNS system.
It could be that you have enabled the wrong certificate or the wrong web site. I have seen HTTPS get bound to the backend site (which uses a self signed certificate) in the past, so you should check that. Check through EMS and get-exchangecertificate that your trusted certificate is still bound to IIS.

Simon.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
As stated your internal and external URL's for your virtual directories should be the same. Did you renew this certificate and re-import it into the CAS server? If you did then you will also need to use the Enable-ExchangeCertificate -Thumbprint xxxxxxxx -services "pop,imap,smtp,iis" command to ensure that you are using this cert for Exchange. This command also needs to be run on all of your CAS servers that hold the cert.

Also a good test is, on the client that is getting the error message, Open Outlook, chold ctrl+right click the Outlook icon in the system tray and select , Test Email Auto Configuration run the Autodiscover test and check the Results Tab to ensure that the virtual directories are correct.

Will.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.