Link to home
Start Free TrialLog in
Avatar of htsitguy

asked on

Exchange 2010 certificate issue after CA no longer support internal names


I have an Exchange 2010 environment where until yesterday was working fine but now the CA no longer supports internalname.local

I have re-issued the certificate which work fine externally for but local Outlook clients complaining that the mailservername.local isn't trusted which it isn't anymore

My AD is configured as domain.local and not

Could do with this help resolving this. Any ideas?

Avatar of Nadav Solomon
Nadav Solomon

Avatar of M A
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
There is a great tool here you can use to help you:

you can solve this by changing the OWA, ECP, EWS, outlookanywhere urls to a FQDN of your valid domain name ( .

you should create new DNS zone on your internal DNS, make it (public name).
In it then create CNAME that will point --> to you exchange
Change all services internal URL to match in stead of mail.domainname.local.

That means OWA, ECP, ActiveSync, EWS, etc...all of what people already wrote in post's before.
Server Configuration --> Client Access --> select and edit service

Avatar of htsitguy


Thanks for your comments, I had to create a sub domain I.e on my internal DNS and point to local Exchange servers as internally PC's couldn't ping the external autodiscover address.

Happy to share point regardless
Thanks for sharing.
I explained the same in my article which is posted above.