Exchange 2010 offer Certificate from external web server to outlook clients

Hello all,
                and thank you before hand. I am running an exchange 2010 sp3 server and it has been running for well over a year with no issue. I use a single cert purchased from godaddy and have made all the necessary config changes to the virtual directories and created a split horizon dns to support it. The autodiscover is set up as a svc record on my external dns hosting site. As I have said everything has been running flawlessly for over a year. All of a sudden this week when folks returned to work from the holiday weekend, when they opened outlook it connects and all functions perfectly except after about a minute or so a certificate warning pops up and asked them to accept it. The name it gives is my.domain.com.com. So the domain name is right but there is an extra .com added. Viewing the certificate shows that it is issued *.com.com and was issued by rapidssl. From what I have been able to gather this belongs to amazon technologies. I have checked the IIS certificate stores, The local computer certificate stores and checked dns to see if any changes had been made. There has been not updates or changes to exchange made recently, so it just spontaneously began. Mail functions, all the activesync for phones and owa functions and when you tell the certificate warning no it disappers and everything roles on until you close and open outlook again. The outlook clients being used are 2007, 2010 and 2013. The outlook clients have been running also for awhile so nothing was upgrade or a new outlook client add to a workstation recently.

Thank you for any guidance you might provide
jplatt1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
Where is your public web site hosted?

The most common reason for this is that the web host has changed something so that the URL http://example.com/Autodiscover/Autodiscover.xml (where example.com is your domain) resolves to a host under their control. If that is the case then you need to get the host to disable Autodiscover for your domain. That will take some doing, as first line support will say it is something you do in DNS, which is not the case at all.

Simon.
jplatt1Author Commented:
Thank you for the reply. So the web site host is also incharge of the dns hosting. When I talked to him yesterday, he confirmed that the svc record for the domain had not change and was setup correctly. Are you talking about the dns host or the internet service provider that are external dns points too?
Simon Butler (Sembee)ConsultantCommented:
It is most likely to be the web host.
Basically wherever the root of your domain goes.

Try browsing to the URL I gave above - if you get anything other than 404 (so an authentication prompt for example) then that is the cause of the problem.

Simon.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

jplatt1Author Commented:
Ok Sir, I browsed to https://my.domain.com/autodicover/autodiscover.xml and received a login prompt. So that tells me that it is the website host that is hosting our dns at this point. Is this correct?
Simon Butler (Sembee)ConsultantCommented:
That suggests that wherever the root of the domain points (ensure that you are doing the test from outside your network) has Autodiscover enabled on it and the destination for the domain needs to get it removed.

That may not be anything to do with your DNS - it is where the web site actually is that is important.

Simon.
jplatt1Author Commented:
We are working on this with the DNS host provider and will get back to this forum.

Thank you
David Johnson, CD, MVPOwnerCommented:
fyi, I have cloudflare as my managed dns provider and my domain registrar points the name server records there. Many options and saves a lot of grief
jplatt1Author Commented:
Hello,
           Sorry for the amount of time. The DNS provider are working on the issue and believe the issue lies with them. We are waiting for confirmation as they asked for time to work on the issue.
jplatt1Author Commented:
I am giving a "B" only because we do not have verification that this is the actually issue pending the providers inquiry. Though at this point it looks that Simon's explination is the most plausible.

Thank you all again for your help
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.