Added on prem Exchange 2016 server to Hybrid O365/E2K10 environment, outlook opens with cert error

Quick background and I get into details if more info is needed.

We are moving to O365 and have two E2K10 servers left (1 mailbox and 1 CAS). Because we use AD Connect to sync to Azure AD we are keeping one server (E2K16)  on prem for management purposes. Currently all of our user mailboxes are on O365/Exchange Online. at the end of the day the two E2K10 servers will be decommissioned and only the E2K16 server will remain.

I installed the E2K16 server last night and all is working but when users open outlook they get the error attached. Even though outlook is pointing to the O365/EXO servers for some reason its also trying to contact the new server as well.

I added our current SSL cert that was on our E2K10 server to the new E2K16 server and added the services to use that cert but it seems like outlook is trying to point to the local name and not whats on the cert.

I am not sure where to go from here. When I did this for our E2K10 servers many years ago, once i added the cert and the services to that cert I stopped getting errors.

Thank you
cert-error-1.PNG
LVL 2
msidnamAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AmitIT ArchitectCommented:
you need to correct the scp setting using ems. use exchange deployment tool. it will provide you the steps.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
msidnamAuthor Commented:
So simple. Thank you.

Everything i saw online was talking about the auto discovery and split DNS but i didn't see anything about SCP.

I went ahead and used this command from the E2K16 server:

Set-ClientAccessService -Identity KRMSMBX16 -AutoDiscoverServiceInternalUri https://webmail.mycompany.com/autodiscover/autodiscover.xml

Open in new window


I'm sure ill need to change it once i remove that E2K10 server, but right now I am not getting the error when opening outlook.

Thank you.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.