Avatar of redworks
redworks
 asked on

Exchange 2016 certificate issues

Before, we had an exchange server with 2 NICs: 1 internal LAN, 1 external WAN.
The LAN was linked to our active directory domain server. It used an internal IP and hostname (mydomain.corp)
We have changed our network. We now use 1 interface, WAN only. (yes, it is secured, hosted).

However, since then, we keep getting SSL certificate errors when starting outlook.
We have an external hostname: https://remote.myfqdn.com/ , which runs a Geotrust EV certificate.
I have that as IIS binding.

The complaint however is about the exchange.mydomain.corp interface. (private).
This is a local hostname, and is locally used (used inside the domain).
Before, I could bind it to 2 seperate interfaces: One to my 10.0.0.0/8 interface LAN, and the other to the WAN.
Now, that is not possible.

How can I stop this annoying error?
Exchange

Avatar of undefined
Last Comment
redworks

8/22/2022 - Mon
Adam Brown

Most likely you just need to reconfigure your Active Directory Autodiscover SCP settings. http://wp.me/pUCB5-7X has more info.
redworks

ASKER
Thanks for your response. I have already tried all of those, using powershell. Interesting article though. Same thing, but different approach.
ASKER CERTIFIED SOLUTION
Adam Brown

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
redworks

ASKER
Great advise :)
It seems I forgot one of the many, many URLs.

The Internal HTTP MAPI URL was still going to mydomain.corp.
Fixed that, restarted services. Did not work. Rebooted server, worked!
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy