Outlook 2010/Exchange 2013 - There is a problem with the proxy server' security certificate (Error Code 38)


We are running an Exchange 2013 server.  I have received notice from a few users indicating the following.  They are running Outlook 2010 clients.  They seem to be okay on a Terminal Server and other workstations.  So this appears to be workstation specific.

The errors are:
Security Alert

Information you exchange with this site cannot be viewed or changed by others.   However, there is a problem with the site's security certificate.

x The security certificate was issued by a company you have not chosen to trust.  View the certificate to determine whether you want to trust the certifying authority.
x The security certificate has expired or is not yet valid.
x The name on the security certificate is invalid or does not match the name of the site.

Do you want to proceed.

When I look at the details of the certificate, it says:
Issued to: plesk
Issued by: plesk
Valid from 7/24/2010 to 7/24/2011

When I check the same account from OWA, it shows a completely different certificate.  One that is valid till 2017 (this is in fact the correct one).  I'm not sure what is happening.  Any suggestions?

Thanks in advance.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Amit KumarCommented:
Is this happening for only one user or for majority of users.

for one user, clear certificate state then try it. Also check same user to configure on other system see if it works.

Sometimes due to not updating Windows updates such thing happen
realtimerAuthor Commented:
Thanks - what do you mean "clear certificate state"?
Amit KumarCommented:
Go to Internet explored, open options and then go to content, there is clear certificate state.

Also check if there is any bad certificates available those are expired.  (in personal store and trusted root CA as well.)
Jeff GloverSr. Systems AdministratorCommented:
I would say you might have your autodiscover DNS record pointing to the Wrong IP. I would check that first, As long as OWA is showing the correct Certificate, then Autodiscover should use the same unless you didn't put that name on the certificate.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
realtimerAuthor Commented:
Hello -

I found that the workstation was using a public DNS server instead of the local DNS server.  Not sure why this workstation was obtaining a different DNS server from the same DHCP server that the rest of them were using.  I set it manually for now till I figure out the rest.  This addressed the issue.  Thank you.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.