I am in the middle of an Exchange 2013 migration from Exchange 2010. I am using a wildcard SSL certificate, the same one I used with Exchange 2010.
Simple install: one Exchange 2010 server running all roles, and one 2013 server I am moving to.
OWA, mobile clients and existing 2010 mailboxes are all working fine. I've migrated a lot of mailboxes to the 2013 server, but I have to repair the Outlook profile for them to work after the migration. This is fine. I can do it. Most users use webmail. But autodiscover is not working if the mailbox has been migrated. It will work internally if the mailbox is still on 2010, but it prompts for a password.
I have my virtual directories set up on my new server. They all point to the same URL, mail.mydomain.com, except for autodiscover, which is autodiscover.mydomain.com.
I have moved my DNS records to my Exchange 2013 server. Mail flow is working. OWA shows as 2013 and will switch to 2010 if the user is on that server.
I can connect to the autodiscover URL on my new server. It prompts for login and the XML page it displays looks correct.
When I try to connect a user to Outlook 2010 or 2013 and it tries to autodiscover the setup, it fails with the error: "An encrypted connection to your mail server is not available. Click Next to attempt using an unencrypted connection." Clicking Next will fail. I can get it to connect by manually setting up the server settings.
I have read many online articles and tried lots of things but am not getting it to work.