Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Exchange 2013 connect outlook 2013 certificat problem alert

Posted on 2016-08-22
3
Medium Priority
?
82 Views
Last Modified: 2016-08-23
Hi,

I have in my Exchange infrastrcture 2 Exchanges Servers
Server 1: MBX+CAS
Server 2: MBX+CAS
+ these servers have both a Public IP and directly connected to the Internet so no proxy or firewall configured

Even on my environnement i have the external url: mail.company.com
and also the certificat name it's purchased with this name: mail.company.com

I activeted the outlook anywhere  :OK
I configured the AutoDiscover InternalURI :OK
I configured the other virtualDirectory :OK
I add the autodiscover CNAME entry on my Public DNS company.com :OK

so my problem i arrived to connect an account with autodiscover method
but it's always return the certificat alert message with the autodiscover.company.com !!!

another problem when i have another account with different domain name like: user1@company1.com
who can i configure this with autodiscover !
0
Comment
Question by:Mohamed Amine LIMAME
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 43

Expert Comment

by:Adam Brown
ID: 41765696
There are a couple ways to address the certificate error problem, depending on whether the certificate you have has autodiscover.company.com as an alternate name. If you only have 1 name on the cert, the first option might not work.  
1. Create a CNAME DNS Record for Autodiscover.company.com that points to mail.company.com You would do the same thing for the DNS of all other companies that people use to connect with. For instance, if you have a user whose primary email address is user@company1.com, you would modify the company1.com DNS so there is a CNAME record for autodiscover.company1.com that points to mail.company.com.
2. Remove all of your existing DNS records for autodiscover.company.com and create a SRV record for autodiscover. http://wp.me/pUCB5-7X has instructions for creating Internal SRV records. External ones will use the same setting, but instructions vary depending on which DNS registrar you use. You would do this for every domain that people use as a primary email address on the exchange server.

One thing to note, though, is that if you have a website that you can reach using company.com (no www. or other host name), you need to make sure that website is not configured to redirect the /autodiscover/autodiscover.xml URL. If you don't, you'll always get certificate errors on devices that aren't on your domain and configured to skip the domain.com Autodiscover lookup.
0
 
LVL 7

Accepted Solution

by:
harryhelp earned 2000 total points
ID: 41765883
The easiest way to resolve this would be to get a "SAN Certificate" (can be sold as a UC certificate as that is its typical use). This is a certificate that can have multiple domains associated - ie mail.mycompany.com and autodiscover.mycompany.com. This would allow you to use the current configuration with no issues.

A wildcard certificate will also do the trick (if you only have one domain).

The SAN certificate would typically be cheaper if you have one domain.
1
 

Author Closing Comment

by:Mohamed Amine LIMAME
ID: 41767171
The UCC certificat it's probably the best solution
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question