redworks
asked on
Exchange 2016 certificate issues
Before, we had an exchange server with 2 NICs: 1 internal LAN, 1 external WAN.
The LAN was linked to our active directory domain server. It used an internal IP and hostname (mydomain.corp)
We have changed our network. We now use 1 interface, WAN only. (yes, it is secured, hosted).
However, since then, we keep getting SSL certificate errors when starting outlook.
We have an external hostname: https://remote.myfqdn.com/ , which runs a Geotrust EV certificate.
I have that as IIS binding.
The complaint however is about the exchange.mydomain.corp interface. (private).
This is a local hostname, and is locally used (used inside the domain).
Before, I could bind it to 2 seperate interfaces: One to my 10.0.0.0/8 interface LAN, and the other to the WAN.
Now, that is not possible.
How can I stop this annoying error?
The LAN was linked to our active directory domain server. It used an internal IP and hostname (mydomain.corp)
We have changed our network. We now use 1 interface, WAN only. (yes, it is secured, hosted).
However, since then, we keep getting SSL certificate errors when starting outlook.
We have an external hostname: https://remote.myfqdn.com/ , which runs a Geotrust EV certificate.
I have that as IIS binding.
The complaint however is about the exchange.mydomain.corp interface. (private).
This is a local hostname, and is locally used (used inside the domain).
Before, I could bind it to 2 seperate interfaces: One to my 10.0.0.0/8 interface LAN, and the other to the WAN.
Now, that is not possible.
How can I stop this annoying error?
Most likely you just need to reconfigure your Active Directory Autodiscover SCP settings. http://wp.me/pUCB5-7X has more info.
ASKER
Thanks for your response. I have already tried all of those, using powershell. Interesting article though. Same thing, but different approach.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Great advise :)
It seems I forgot one of the many, many URLs.
The Internal HTTP MAPI URL was still going to mydomain.corp.
Fixed that, restarted services. Did not work. Rebooted server, worked!
It seems I forgot one of the many, many URLs.
The Internal HTTP MAPI URL was still going to mydomain.corp.
Fixed that, restarted services. Did not work. Rebooted server, worked!