Solved

Exchange 2013 - Cannot get seprate certs to work at the same time

Posted on 2016-11-11
3
41 Views
Last Modified: 2016-11-30
Hi!

I have a client who has purchased 2 basic certs for his Exchange 2013 server.  One from GoDaddy mail.mydomain..com and one from Network Solutions, Autodiscover.mydomainm.com.  The DNS for autodiscover is properly setup as an SRV record.  Both certs are installed.  But when the client logs into Exchange from Outlook he gets the cert warning on Autodiscover.  I checked and no services are assigned to the autodiscover cert.  When I assign IIS to it IIS is disabled on the mail cert and nothing works.

Any ideas?

Thanks!
0
Comment
Question by:MOBlew
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 15

Assisted Solution

by:Jason Crawford
Jason Crawford earned 250 total points (awarded by participants)
ID: 41884242
You don't technically need to cover autodiscover.domain.com in your cert if you use SRV records.  Just the mail.domain.com sub-domain will suffice.  Remove the cert for autodiscover and only add/assign services to the mail.domain.com cert.
0
 
LVL 15

Accepted Solution

by:
Todd Nelson earned 250 total points (awarded by participants)
ID: 41884302
Most of the services (with the exception of SMTP) in Exchange cannot be assigned to more than one certificate.

I would advise that they either get a UC/SAN cert that includes both names or change the DNS records for autodiscover to point to mail.mydomain.com.
0
 
LVL 15

Expert Comment

by:Todd Nelson
ID: 41907009
Sufficient information provided for solution.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you unable to connect or configure Hotmail email account in Microsoft Outlook 2010, 2007? Or Outlook.com emails are not downloading to Outlook? Lets’ see the problem and resolve Outlook Connector error syncing folder hierarchy (0x8004102A).
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question