Outlook 2016 - the name on the security certificate is invalid
Hello,
We have just installed a new windows 2012 server running 2 hyperv servers. One being our domain controller and the other being our exchange 2016 server.
We have this working OK apart from the SSL certificate integration. ie we were getting complaints on starting up outlook regarding an invalid or untrusted certificate. I presumed that once we obtained the correct SSL, this would just disappear.
Unfortunately, having just purchased our True ID SAN from geotrust, and installed it, we are still experiencing a warning on starting outlook. This is :-
The name on the security certificate is invalid or does not match the name of the site.
I have spoken with geotrust and they tell me its because it is looking for the internal exchange 2016 name, which I can confirm is the case.
the name of the local server is exch2016.domain.local
Our SSL is to secure remote.domainname.co.uk and autodiscover.domainname.co
Geotrust say that we have to rename our local site to match??
Can anyone advise on what we need to do to resolve this problem?
We have just installed a new windows 2012 server running 2 hyperv servers. One being our domain controller and the other being our exchange 2016 server.
We have this working OK apart from the SSL certificate integration. ie we were getting complaints on starting up outlook regarding an invalid or untrusted certificate. I presumed that once we obtained the correct SSL, this would just disappear.
Unfortunately, having just purchased our True ID SAN from geotrust, and installed it, we are still experiencing a warning on starting outlook. This is :-
The name on the security certificate is invalid or does not match the name of the site.
I have spoken with geotrust and they tell me its because it is looking for the internal exchange 2016 name, which I can confirm is the case.
the name of the local server is exch2016.domain.local
Our SSL is to secure remote.domainname.co.uk and autodiscover.domainname.co
Geotrust say that we have to rename our local site to match??
Can anyone advise on what we need to do to resolve this problem?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
sorry for the delay in updating this incident. I have been away on vacation, but now I'm back, will be addressing this issue.
will update you later today.
many thanks for your assistance
will update you later today.
many thanks for your assistance
ASKER
I have now run the digicert tool which changed our local settings to autodiscover.domainname.co
I have ensured we have a Dns zone for domainname.co.uk
with an entry for autodiscover and remote (which we use externally) both pointing to the local IP address of our exchange server.
I can confirm that our current San covers both remote.domainname.co.uk and autodiscover.domainname.co
I am very frustrated, so if anyone can provide any further assistance, I would be much obliged.
it would seem that outlook is still trying to reach exch2016.domain.local. is there anything to do on outlook 2016 to stop this?
many thanks
I have ensured we have a Dns zone for domainname.co.uk
with an entry for autodiscover and remote (which we use externally) both pointing to the local IP address of our exchange server.
I can confirm that our current San covers both remote.domainname.co.uk and autodiscover.domainname.co
I am very frustrated, so if anyone can provide any further assistance, I would be much obliged.
it would seem that outlook is still trying to reach exch2016.domain.local. is there anything to do on outlook 2016 to stop this?
many thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
good comments and recommendations provided by experts
ASKER
I think my situation must be a little different, as when I asked about adding the local site to my San, geotrust told me that this was no longer allowed.
it is not actually a site which is causing the problem, it is outlook 2016 that is looking for exch2016.domain.local , and our Ssl only covers remote.domainname.co.uk
I don't understand why the local copy of outlook 2016 does not trust its own local 2016 server, but as I can't add the local name to our Ssl, I presume that we have to somehow change the local name of the exchange server.
accessing exchange remotely works fine, so I am very frustrated that I am having this problem locally.
I will check out the additional link, to see if it helps.
many thanks