Outlook 2010 keeps prompting for certificate on open

Hi There,

We have just moved one of our customers from one domain (au.domain.com with SBS2003 and it's exchange server) to another domain ( domain.com existing with Windows 2008 R2 and stand alone Exchange 2010 SP3). As this branch is in Australia, we have created another Exchange server (not in DAG) which can see the other (global) exchange but mail for local users will be delivered to this exchange.

One issue we are now experiencing is once the users have been set up in the new domain (domain.com) and they are connected to exchange via outlook, they keep getting prompted for certificates.

One thing we think may be causing this is that we have it set up as mail.au.domain.com

The signed certificate is a wildcard for domain.com

Do wildcard certificates cover a double sub domain?

We have temporarily changed it so that it goes to mailau.domain.com which still causes an issue within outlook, however, OWA is now happy and not reporting any certificate issues.

Does anyone know how to cure these certificate errors in outlook pointing to the .local name of the local server?

Another issue we face is that because the company is international, they already have a autodiscover entry for domain.com

We were thinking of putting an autodiscover for autodiscover.au.domain.com to point to mailau.domain.com - will this work?

I know this description is fairly ambiguous, however, I don't want to publicly give too much info away.


Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
Do wildcard certificates cover a double sub domain.. no  wildcard certificates only allow 1 level of subdomain.
Wildcard cert: *.domain.com
autodiscover.au.domain.com (failure)
mailau.domain.com                  (works)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Shweta GoelCommented:
On your Server open the certificate from:

•      MMC > Certificates > Local Computer > Personal > then Certificate.

•      Mentioned your new Exchange Server name in the Subject Alternate Name i.e SAN field.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.