Hi there, have Exchange 2010 set up working internally and externally, with one exception: External users off VPN connecting via Outlook get a certificate warning for the internal mail server on startup, but works fine if they press 'yes' to bypass it.
When viewing the cert, it's pulling our corporate web server cert and not the one attached to our autodiscover/mail server. For the latter, we're using a UCC cert which includes autodiscover.domain.com, mail.domain.com, and mail.domain.local.
Our corporate web server responds with a 404 for the https://domain.com/autodiscover/autodiscover.xml url, and the Microsoft Remote Analyzer comes back able to get itself connected. I've also tried throwing a 302 redirect from the corporate web server over to autodiscover.domain.com, but that doesn't seem to help.
Any ideas how to get the certificate error to stop appearing? I don't want to add our internal mail server to our corporate web server's certificate if I don't have to. I do have the root domain (ie "domain.com") in the corporate web server's SAN list.
I should mention we still have TMG in front of it as well.