Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2013 - Cannot get seprate certs to work at the same time

Posted on 2016-11-11
3
Medium Priority
?
49 Views
Last Modified: 2016-11-30
Hi!

I have a client who has purchased 2 basic certs for his Exchange 2013 server.  One from GoDaddy mail.mydomain..com and one from Network Solutions, Autodiscover.mydomainm.com.  The DNS for autodiscover is properly setup as an SRV record.  Both certs are installed.  But when the client logs into Exchange from Outlook he gets the cert warning on Autodiscover.  I checked and no services are assigned to the autodiscover cert.  When I assign IIS to it IIS is disabled on the mail cert and nothing works.

Any ideas?

Thanks!
0
Comment
Question by:MOBlew
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 16

Assisted Solution

by:Jason Crawford
Jason Crawford earned 1000 total points (awarded by participants)
ID: 41884242
You don't technically need to cover autodiscover.domain.com in your cert if you use SRV records.  Just the mail.domain.com sub-domain will suffice.  Remove the cert for autodiscover and only add/assign services to the mail.domain.com cert.
0
 
LVL 16

Accepted Solution

by:
Todd Nelson earned 1000 total points (awarded by participants)
ID: 41884302
Most of the services (with the exception of SMTP) in Exchange cannot be assigned to more than one certificate.

I would advise that they either get a UC/SAN cert that includes both names or change the DNS records for autodiscover to point to mail.mydomain.com.
0
 
LVL 16

Expert Comment

by:Todd Nelson
ID: 41907009
Sufficient information provided for solution.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question