Got a head scratcher here, hoping you all can help. Since 2010, when Exchange 2010 came out, I have been using third-party single name cert to run my exchange servers. I change all the virtual directories to mail.domain.com, the name on the cert, and set up a split horizon internally that points this public fqdn to the mail server. I also create a SVC record for autodiscover on the public DNS. This has worked like a charm for years.
As of this year, recently mind you, some of my clients for no apparent reason, have started to get certificate errors internally referencing the mail.domain.local name and stating that the name on the certificate does not match when opening outlook. This is happening with Outlook 2007, 2010 and 2013. This has never happened in the pass and has never been an issue before, nothing on these mail servers have been changed or modified. After opening outlook it connects like normal and then will be fine for about 1 to 2 minutes, the the security alert pops up. Wether I accept or decline outlook functions fine.
I believe there must be a simple way to fix this issue and am hoping that I am just over looking it.
Thank you in advance