Security Certificates-Mail & Remote

I had been battling HTTPS SSL Certificate errors when users tried using Outlook Web Access or Remote Desktop Connection.

I got a hold of the certificate provider and they said my server had been set up wrong. It was set up as "remote.domainname.com, when it should have been set up as mail.DomainName.com.

They change something on the server (remotely) and now I am able to use OWA and Remote Desktop without security certificate errors. But now when ever anoyone open MS Outlook, they get a Security Alert pop-up - .The name on the security certificate is invalid or does not match the name of the site." On the pop-up it references remote. DomainName.com, but when I view the certificate from the button on the pop-up, it says that the certificate is issued to mail.domaionname.com

Thanks.
mapalaska2003Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Michael MachieFull-time technical multi-taskerCommented:
You can make another CSR and specify the proper name in the re-key request. Submit the request, download the new certificate, and install the new certificate in the server.
0
Mal OsborneAlpha GeekCommented:
For newer versions of Exchange, the server is accessed via several names, so what is required is  a SAN certificate, with multiple alternative names. A single name will not work.

There is also nothing wrong with calling your server "remote.domainname.com", this is perfectly valid. Obviously DNS and the certificate need to be set up to match.

More here:

http://exchangeserverpro.com/exchange-2010-ssl-certificates/
0
David Johnson, CD, MVPOwnerCommented:
Please follow this page
http://exchangeserverpro.com/avoiding-exchange-2013-server-names-ssl-certificates/
defaults
Outlook Anywhere – mail.yourdomain.com
Outlook Web App – https://mail.yourdomain.com/owa
Exchange Control Panel – https://mail.yourdomain.com/ecp
Exchange ActiveSync – https://mail.yourdomain.com/Microsoft-Server-ActiveSync
Exchange Web Services – https://mail.yourdomain.com/EWS/Exchange.asmx
Offline Address Book – https://mail.yourdomain.com/OAB
AutoDiscover – https://mail.yourdomain.com/Autodiscover/Autodiscover.xml

first go into certificate manager .. certmgr.msc and look at the Subject Name for your certificate to get the name right
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

mapalaska2003Author Commented:
I go to certificate manager, but am not sure what your suggesting I do there.
0
David Johnson, CD, MVPOwnerCommented:
can you find your certificate in personal\certificates then go to details Subject my certificate
0
David Johnson, CD, MVPOwnerCommented:
you can also check in iis manager / bindings
0
mapalaska2003Author Commented:
Certificate.jpg
0
David Johnson, CD, MVPOwnerCommented:
so everything has to have mail.mappingalaska.com
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mapalaska2003Author Commented:
Thanks for the help resolving this problem. It was a complicated one.
0
mapalaska2003Author Commented:
Hi David. I'm still having certificate errors. The problem has returned and I'm perplexed.
When trying to check e,mail, this is what  get:

mail.domainname.com normally uses encryption to protect your information. When Chrome tried to connect to mail.domainname.com this time, the website sent back unusual and incorrect credentials. Either an attacker is trying to pretend to be mail.domainname.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.

You cannot visit mail.domainname.com right now because the website sent scrambled credentials that Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.