Solved

Exchange 2016 certificate issues

Posted on 2016-10-10
4
48 Views
Last Modified: 2016-10-11
Before, we had an exchange server with 2 NICs: 1 internal LAN, 1 external WAN.
The LAN was linked to our active directory domain server. It used an internal IP and hostname (mydomain.corp)
We have changed our network. We now use 1 interface, WAN only. (yes, it is secured, hosted).

However, since then, we keep getting SSL certificate errors when starting outlook.
We have an external hostname: https://remote.myfqdn.com/ , which runs a Geotrust EV certificate.
I have that as IIS binding.

The complaint however is about the exchange.mydomain.corp interface. (private).
This is a local hostname, and is locally used (used inside the domain).
Before, I could bind it to 2 seperate interfaces: One to my 10.0.0.0/8 interface LAN, and the other to the WAN.
Now, that is not possible.

How can I stop this annoying error?
0
Comment
Question by:redworks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 41

Expert Comment

by:Adam Brown
ID: 41837667
Most likely you just need to reconfigure your Active Directory Autodiscover SCP settings. http://wp.me/pUCB5-7X has more info.
0
 

Author Comment

by:redworks
ID: 41838899
Thanks for your response. I have already tried all of those, using powershell. Interesting article though. Same thing, but different approach.
0
 
LVL 41

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41838904
Okay. If you hold CTRL and right click the Outlook window in the notifications area (By the windows clock in the lower right), it will show an option to test Autoconfiguration in the context menu. Run that test to get an idea of what exactly is failing.
0
 

Author Comment

by:redworks
ID: 41838982
Great advise :)
It seems I forgot one of the many, many URLs.

The Internal HTTP MAPI URL was still going to mydomain.corp.
Fixed that, restarted services. Did not work. Rebooted server, worked!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question