Solved

Exchange 2016 certificate issues

Posted on 2016-10-10
4
42 Views
Last Modified: 2016-10-11
Before, we had an exchange server with 2 NICs: 1 internal LAN, 1 external WAN.
The LAN was linked to our active directory domain server. It used an internal IP and hostname (mydomain.corp)
We have changed our network. We now use 1 interface, WAN only. (yes, it is secured, hosted).

However, since then, we keep getting SSL certificate errors when starting outlook.
We have an external hostname: https://remote.myfqdn.com/ , which runs a Geotrust EV certificate.
I have that as IIS binding.

The complaint however is about the exchange.mydomain.corp interface. (private).
This is a local hostname, and is locally used (used inside the domain).
Before, I could bind it to 2 seperate interfaces: One to my 10.0.0.0/8 interface LAN, and the other to the WAN.
Now, that is not possible.

How can I stop this annoying error?
0
Comment
Question by:redworks
  • 2
  • 2
4 Comments
 
LVL 39

Expert Comment

by:Adam Brown
ID: 41837667
Most likely you just need to reconfigure your Active Directory Autodiscover SCP settings. http://wp.me/pUCB5-7X has more info.
0
 

Author Comment

by:redworks
ID: 41838899
Thanks for your response. I have already tried all of those, using powershell. Interesting article though. Same thing, but different approach.
0
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41838904
Okay. If you hold CTRL and right click the Outlook window in the notifications area (By the windows clock in the lower right), it will show an option to test Autoconfiguration in the context menu. Run that test to get an idea of what exactly is failing.
0
 

Author Comment

by:redworks
ID: 41838982
Great advise :)
It seems I forgot one of the many, many URLs.

The Internal HTTP MAPI URL was still going to mydomain.corp.
Fixed that, restarted services. Did not work. Rebooted server, worked!
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Error 554 5.4.6 Hop count exceeded - possible mail loop 16 52
Exchange 2010, Implementing On-Prem Archiving 3 28
Exchange Reports 4 26
exchange, outlook 20 29
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question