hgj1357
asked on
Exchange 2010 Certificates Issue (Win 2012)
I have a Win 2012 std server running Exchange 2010. It has worked fine but we recently renewed certificates which has led to some issues.
On our local network Outlook gives an error that the certificate is not trusted. Cert issued to WMSvc-NEX. But I can still proceed.
Using remote OWA, I get a "Your connection is not private" error. NET::ERR_CERT_AUTHORITY_IN VALID. Security certificate is not trusted by your computers operating system (Win 7 pro). But again, I can elect to continue.
There are three certificates on the EXchange server I can view from the console. 1) Self signed called Microsoft Exchange issued by the local server running exchange. Services: IMAP; SMTP. 2) CompanyMail issued by GoDaddy. Services POP; SMTP. 3) Self signed WMSvc-NEX issued by WMSvc-NEX. Services IIS, SMTP.
All certificates have at least 2 years before they expire.
How can I stop these errors?
Thanks
On our local network Outlook gives an error that the certificate is not trusted. Cert issued to WMSvc-NEX. But I can still proceed.
Using remote OWA, I get a "Your connection is not private" error. NET::ERR_CERT_AUTHORITY_IN
There are three certificates on the EXchange server I can view from the console. 1) Self signed called Microsoft Exchange issued by the local server running exchange. Services: IMAP; SMTP. 2) CompanyMail issued by GoDaddy. Services POP; SMTP. 3) Self signed WMSvc-NEX issued by WMSvc-NEX. Services IIS, SMTP.
All certificates have at least 2 years before they expire.
How can I stop these errors?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, If you click on first https and go to Edit you will see option to Bind Certificate to protocol
ASKER
That appears to have fixed the issue when connecting via OWA, but my internal outlook clients are still getting a certificate error. Outlook internally connects to SVR2.mydomain.local and not mail.mydomain.com
ASKER
The error from outlook
EE02.jpg
EE02.jpg
Your external and internal domain names different so you'll have to create SRV records for autodiscover.
This link explains the steps for that.
https://www.petenetlive.com/KB/Article/0000036
This link explains the steps for that.
https://www.petenetlive.com/KB/Article/0000036
ASKER
Thanks for the quick assistance.
ASKER
Http | 80 | *
Https | 443. |
http | 80 | 127.0.0.1
https | 443 | 127.0.0.01
this is all I see. Am I in the right place?