Exchange/Outlook SSL Certificate Issue

I have an exchange 2010 on a SSL certificate via godaddy for SMTP and IIS.

Originally I had 4 SANs on the certificate, which included:
autodiscover.mydomain.com
mail2.mydomain.com
mydomain.com
www.mail2.mydomain.com

Outlook kept display a certificate error message about "mydomain.com" (pic attached).

so I "rekeyed" the SSL Cert via godaddy and imported the new one with only two SANS (mail2 and autodiscover.mydomain.com)

However, the error message is still coming up for "mydomain.com".  This is an standalone mail server, no websites hosted.  Mydomain.com IS on the network on a different server. However, I cannot even ping it from the exchange server (I believe it's running Apache/linkx - not sure).

If I manually point the DNS record to that webserver (on DC/DNS server), the error goes away - but I cannot keep it that way due to some conflicts on the network as it is for other things.

I cannot even located the "mydomain.com" certificate anywhere on the server.  When I run get-exchangecertificate on EMS it onlyl show the two certs (local exchange and the new one).

Yes, i installed the cert correctly and assigned it SMTP and IIS services. Removed old SSL cert from Exchange.

Any ideas where I can find this cert and remove it so internal Outlook clients don't get the 2015-07-02-15-42-47.ziperror message?
Anthony H.Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
It seems in recent weeks there is an issue people are having with outlook of various versions and exchange certificates.
I think this is the third or fourth on this exact subject matter.
I have not had a chance to look at the attached file archive.

But iMHO I think you acted too early to revoke a certificate before determining what the issue was.
I.e. Which service/sertificate was causing the issue and what the issue was.

The issue might be with the issuing/intermediary certificate having expired invalidating your cert without getting an updated certificate from godaddy.

I'll take a look at your attached data.
arnoldCommented:
After looking, the issue is that your root certificate expired 05/29/2015. Now the issue is that you renewed the certificate that is missing the SAN for one that is needed i.e. mydomain.com deals with https://mydomain.com/autodiscover/autodiscover.xml

often, you may have 5-7 days to get a recently purchased cert reissued with corrections.  make sure the csr you create includes the needed SAN names as well as make sure it includes the correct functionality for all the hosts it will be used to handle.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Kesavan SellappanCommented:
i think, you are not enabled the imported certificate. because your image shows "issued to" and "issued by" are same. so it looks self signed certificate.

you got certificate from  godaddy. they also should give server certificate i.e. root CA or intermediate certificate and should import to either Trusted Root Certificate store or intermediate CA store in exchange server

then enable already imported certificate to services like below
Enable-ExchangeCertificate -Server 'EXCH-H-868' -Services 'IMAP, POP, IIS, SMTP' -Thumbprint 'EDF57B5F9D81F1EC329BFB77ADD4465B426A40FB'
arnoldCommented:
See if the links the asker posted also helps you in your situation.
http://www.experts-exchange.com/Q_28690792.html
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.