Security Certificate appearing each time Outlook opens

What name is specified in your certificate? Presuming its something like mail.domain.com you need to set your client access URL's to match

Is there a way to supress this error?

what is the error?  invalid date or mismatched host name?
what changed prior to this starting?

with all likelihood the certificate has expired

On the error which pops up, it state the following

The name of the security certificate is invalid or does not match the name of the site.

I can confirm the name of the server url which is stated at the top of the certificate is the same has what each user has in the outlook setting for the exchange server.

I can confirm the certificate is not out of date.

Thanks for your comments so far all.

SycamoreIT

Hello,

Can you open the SBS Console > Networking Tab> Connectivity sub Tab
From the right hand side run the 'Fix My Network Wizard'

Does it bring up any Certificate errors?  If so run through the wizard - Selecting only the certificate warning/errors and see if it resolves the problem.

If it does not, can you give us a screen shot of the error and confirm if it says anything about the Auto-Discover or Remote/mail.

Hi,

I have carried out the process David but no certificate errors were detected.

Ive attached a copy the error my Outlook users see each time they open the client.
exchane-error.jpg

Please follow this article written by MAS. I had the same issue and it resolved for me

I did have to reboot after these changes to get this working which is not mentioned in the article

I was hoping for a local reg hack on the client desktop since its not happening on everyone's PC, only on some.

Is there anyway I can suppress the warning client slide? Not happy messing about on the server has this could have the potential to take out everyone connected to the server.

When you configured the server originally did you use the wizards and go through the Internet address wizard?

The name on the certificate being presented isn't correct. It should be remote.domain.com or mail.domain.com depending how you set it up.

Can you go through the article and at least do an information gathering, using the get commands and post your results. It sounds like your URL's are configured incorrectly somewhere

@David A, I inherited the server so Im afraid I cannot answer that one.

@Stuart, I will run through and pull the info and post but Im pretty sure it will be a dodgy url somewhere.

Please check this article it may help
https://www.experts-exchange.com/articles/13676/Out-Of-office-not-working.html

Ok ran the Exchange Shell command Get-clientAccessServer | fl Name,AutoDiscoverServiceInternalUri and got the following output.

https://sbs2011.companyname.local/Autodiscover/Autodiscover.xml

Ran this command Get-WebServicesVirtualDirectory | fl name,internalurl,externalurl and got the following output.

Name: EWS (Default Web Site)
InternalURL: https://sbs2011.companyname.local/EWS/Exchange.asmx
ExternalURL:

You should change it to your common name  using this article for both autodiscover and EWS (both internal and external URL).
i.e.  "https://mail.companyname.com/Autodiscover/Autodiscover.xml
https://mail.companyname.com/EWS/Exchange.asmx

If you follow the article completely you will not have certificate errors.

Hi MAS,

So what section do I follow within this document, some of the items within the document are above my technical skills so Im hoping its just one section I have to follow (and its a section I can follow).

Kind regards
SycamoreIT

Get-ClientAccessServer | fl identity,autodiscoverserviceinternaluri
Get-OabVirtualDirectory |  fl Server,Name,internalurl,externalurl
Get-WebServicesVirtualDirectory | fl name,internalurl,externalurl
Please post the result of these commands

1st command

Identity                       : SBS2011
AutoDiscoverServiceInternalUri : https://sbs2011.companyname.local/Autodiscover/Autodiscover.xml


2nd command

Server      : SBS2011
Name        : OAB (Default Web Site)
InternalUrl : http://sbs2011.companyname.local/OAB
ExternalUrl :


3rd command

Name        : EWS (Default Web Site)
InternalUrl : https://sbs2011.compnayname.local/EWS/Exchange.asmx
ExternalUrl :


Thanks

1st comand
Set your autodiscover to common name.

Set-ClientAccessServer -Identity server1 -AutoDiscoverServiceInternalUri "https://mail.youremail.com/autodiscover/autodiscover.xml"

Select allOpen in new window

2nd command
Set your OAB URLs to common name. Both internal and external

Set-OabVirtualDirectory -Identity "server1\oab (default web site)" -InternalUrl https://mail.youremail.com/oab -ExternalUrl https://mail.youremail.com/oab

Select allOpen in new window

3rd command
Set your EWS URLs to common name. Both internal and external

set-WebservicesVirtualDirectory -Identity "server1\EWS (default web site)" -InternalUrl https://mail.youremail.com/EWS/Exchange.asmx  -ExternalUrl https://mail.youremail.com/EWS/Exchange.asmx

Select allOpen in new window

Replace mail.youremail.com with your common name
I hope you have split DNS configured.

All these explained in my article including internal DNS server configuration.
https://www.experts-exchange.com/articles/13676/Out-Of-office-not-working.html

Sorry for late reply MAS, Ive been away ill. Im back now. Before I execute the above commands, is there any chance it could break connectivity to my exchange server for people on site/off site?

Thanks
SycamoreIT

No

MAS,

Ive done all three commands and my users are still getting the exact same error. See attached.

Does the exchange server services need restarting?
exchange.png

For me a server restart was required after changing those values although it shouldn't be required

Thank you MAS. Once the array was completed, I was able to connect with Outlook not showing the certificate.

Thanks
SycamoreIT