I spent awhile on the phone to the hosted exchange provider trying to resolve this but he could not.
Basically what happens is that I have a bunch of clients who use Hosted Exchange services. Now most clients use me or some other 3rd party to host their websites, DNS, etc but I generally like to move every client to Hosted Exchange because I just can't compete and it means it becomes someone else's responsibility to make sure that it is up and running 24/7.
Now this works fine, up until the following scenario.
Joe Bloggs has a domain called joebloggs.com
Website is hosted with me. DNS management is with my hosting provider, along with domain registration.
IP of the server is 220.127.116.11 (this is a shared cPanel server, I'm just one of the resellers on this server).
I use Hosted Exchange through iiNet - https://iihelp.iinet.net.au/DNS_records_for_Hosted_Exchange
Followed the DNS records to the letter.
So for the DNS I would have something like this:
joebloggs.com. 14400 A 18.104.22.168
www.joebloggs.com. 14400 CNAME joebloggs.com.
joebloggs.com. 14400 MX 10 smtp.exchange.iinet.net.au.
autodiscover.joebloggs.com. 14400 CNAME autodiscvr.exchange.iinet.net.au.
webmail.joebloggs.com. 14400 CNAME exchange.iinet.net.au
joebloggs.com 14400 TXT "v=spf1 redirect=exchange.iinet.net.au"
Now my issues are these:
1) When configuring Outlook or similar to connect through using the Autodiscover feature it always complains that the SSL Certificate is wrong - it picks up the SSL Certificate in use at 22.214.171.124 (keep in mind it is shared hosting so that could be anything)
2) If I try to use the webmail.joebloggs.com in the URL bar, it will error with a certificate issue because it clearly doesn't match the name attributed to the the exchange.iinet.net.au
So my question(s) are these:
1) How do I fix the autodiscover so that rather then picking up the SSL certificate used at 126.96.36.199 it picks up the certificate used at the Hosted Exchange provider??
2) How do I setup a tailored DNS record like webmail.joebloggs.com to redirect me without causing a SSL Certificate issue? I'm happy for the URL to change, I just want my clients to type in something familiar to them.
Thanks in advance.