Exchange 2010 / Outlook 2010 environment. We applied updates to Exchange over the weekend, and now clients seem to be getting security certificate errors because of it. it my only be coincidental with an expiration date as well - can't be sure. But what we are seeing is a similar issue both with Outlook clients, as well as iPhone Exchange Active Sync devices. The Outlook client shows an error saying "The security certificate has expired or is not yet valid". The Iphones give 2 different messages, depending on the person. One message is "Server is not trusted due to invalid certificate" and then allows the user to select "Continue" or "Trust" and they work fine after that. Others, however, do not get that option and say something to the affect of "Certificate has expired" and they aren't presented an option to continue or trust the server, and they're stuck. So - is this an issue on the client side, on the server side, where I need to recreate the expired certificate? And if I do that, I assume it will upset the 90% of the users that are working. Thanks for your help.
You can find this out easily from the Exchange management shell with the following command: get-exchangecertificate |FL. The result will be a list of all of the Exchange certificates that are installed and will show details about their application to various services, whether they're self-signed or not and if they are expired or valid. Once you find that out, you'll know which certificate is causing the problem and can go on to renewal steps from there.