Exchange 2010 certificate issue after CA no longer support internal names

htsitguy
htsitguy used Ask the Experts™
on
Hi,

I have an Exchange 2010 environment where until yesterday was working fine but now the CA no longer supports internalname.local

I have re-issued the certificate which work fine externally for www.mail.domainname.com but local Outlook clients complaining that the mailservername.local isn't trusted which it isn't anymore

My AD is configured as domain.local and not companyname.com

Could do with this help resolving this. Any ideas?

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
EE Solution Guide - Technical Dept Head
Most Valuable Expert 2017
Commented:
Please post a screenshot of the error.
Please check this article as well
http://www.experts-exchange.com/articles/13676/Out-Of-office-not-working.html
There is a great tool here you can use to help you:

https://www.digicert.com/internal-domain-name-tool.htm
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Hi,

you can solve this by changing the OWA, ECP, EWS, outlookanywhere urls to a FQDN of your valid domain name ( mail.domainname.com) .
IvanSystem Engineer

Commented:
Hi,

you should create new DNS zone on your internal DNS, make it domainname.com (public name).
In it then create CNAME that will point mail.domainname.com --> to you exchange
Change all services internal URL to match mail.domainname.com in stead of mail.domainname.local.

That means OWA, ECP, ActiveSync, EWS, etc...all of what people already wrote in post's before.
Server Configuration --> Client Access --> select and edit service

Regards,

Author

Commented:
Thanks for your comments, I had to create a sub domain I.e mail.companyname.com on my internal DNS and point to local Exchange servers as internally PC's couldn't ping the external autodiscover address.

Happy to share point regardless
MASEE Solution Guide - Technical Dept Head
Most Valuable Expert 2017

Commented:
Thanks for sharing.
I explained the same in my article which is posted above.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial