Outlook 2010/2013 using wrong ssl certificate

Outlook 2010/2013 using wrong ssl certificate.

Here's what I found...

External dns has an A record named @ that points to external website address.
When I change the address to point to the external exchange address, the clients pull the correct record but the website goes down.
Any ideas how I could fix this step by step.

Thanks in Advance
Sammy_NiceAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
May want to check out that the certificate setting is intact originally @ https://social.technet.microsoft.com/Forums/exchange/en-US/bba95195-f319-4a8a-bc2e-4a672205f753/exchange-2010-certificate-issue-wrong-one-geing-used-for-outlook-clients?forum=exchangesvrdeploylegacy
...and there is rationale if DNS is fallback to secondary and get a wrong certificate
http://blog.tahvok.com/2013/08/outlook-on-exchange-using-wrong-certificate.html
... also good to look into logs for any errors in  , such as "System" logs and "DNS Server" logs on both, client and server.
1
Sammy_NiceAuthor Commented:
Hi Btan,

Not sure how to configure the external srv to work right.
I tried putting @ as the target and even the external exchange name but still not working.
0
btanExec ConsultantCommented:
hopefully this may help in the split DNS and other associated works to get the ext and int DNS resolution going http://exchange.sembee.info/network/split-dns.asp
.. the Remote Connectivity Analyzer has also been used widely to surface any errors as in this sharing
http://jaapwesselius.com/2011/08/28/autodiscover-redirect-srv-record/
..other in resolving internal DNS using SRV
If you have a domain that isn’t publicly useable on your Exchange AD environment, you will run into certificate errors when mail clients use Autodiscover. This becomes particularly problematic when you use Exchange 2013 and try to use HTTPS for Outlook Anywhere. This is because Microsoft is now enforcing certificate validity with Exchange 2013’s Autodiscover features (Note, though, that Outlook Anywhere will be configured to use HTTP only when your Exchange Server certificate is determined to be invalid in Exchange 2013). With Exchange 2007 and 2010, you will get a Certificate error every time you open Outlook. Generally, this error will state that the name on the certificate is not valid.

The Cause

To solve the issue with certificates, you need to configure your environment so it enforces the appropriate action with Autodiscover. By default, Autodiscover will attempt to communicate with a number of URLs based on the Client’s email address (for external users) or domain name (for internal users).
https://acbrownit.wordpress.com/2012/12/20/internal-dns-and-exchange-autodiscover/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.