Solved

Exchange 2016 certificate issues

Posted on 2016-10-10
4
38 Views
Last Modified: 2016-10-11
Before, we had an exchange server with 2 NICs: 1 internal LAN, 1 external WAN.
The LAN was linked to our active directory domain server. It used an internal IP and hostname (mydomain.corp)
We have changed our network. We now use 1 interface, WAN only. (yes, it is secured, hosted).

However, since then, we keep getting SSL certificate errors when starting outlook.
We have an external hostname: https://remote.myfqdn.com/ , which runs a Geotrust EV certificate.
I have that as IIS binding.

The complaint however is about the exchange.mydomain.corp interface. (private).
This is a local hostname, and is locally used (used inside the domain).
Before, I could bind it to 2 seperate interfaces: One to my 10.0.0.0/8 interface LAN, and the other to the WAN.
Now, that is not possible.

How can I stop this annoying error?
0
Comment
Question by:redworks
  • 2
  • 2
4 Comments
 
LVL 38

Expert Comment

by:Adam Brown
ID: 41837667
Most likely you just need to reconfigure your Active Directory Autodiscover SCP settings. http://wp.me/pUCB5-7X has more info.
0
 

Author Comment

by:redworks
ID: 41838899
Thanks for your response. I have already tried all of those, using powershell. Interesting article though. Same thing, but different approach.
0
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41838904
Okay. If you hold CTRL and right click the Outlook window in the notifications area (By the windows clock in the lower right), it will show an option to test Autoconfiguration in the context menu. Run that test to get an idea of what exactly is failing.
0
 

Author Comment

by:redworks
ID: 41838982
Great advise :)
It seems I forgot one of the many, many URLs.

The Internal HTTP MAPI URL was still going to mydomain.corp.
Fixed that, restarted services. Did not work. Rebooted server, worked!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now