Aamer M
asked on
Exchange and outlook errors
We have an urgent issue.
On the Client side, the error is as below:
Today morning the users started getting errors in outlook
Error: there is a problem with the proxy server’s security certificate. The name on the security certificate is invalid or does not match the name of the target site mail.abc.com
Outlook is unable to connect to the proxy server. (Error code 10).
On the exchange server when we view the certificate, there is a warning “Revocation Check failed”. But the certificate is valid for another year. Could this be causing the issue?
We tried installing a new certificate but the issue still persists. The revocation check is still failing.
We downloaded the root and the subordinate CA CRL’s and installed It on the exchange servers and still no luck.
Running out of ideas.
On the Client side, the error is as below:
Today morning the users started getting errors in outlook
Error: there is a problem with the proxy server’s security certificate. The name on the security certificate is invalid or does not match the name of the target site mail.abc.com
Outlook is unable to connect to the proxy server. (Error code 10).
On the exchange server when we view the certificate, there is a warning “Revocation Check failed”. But the certificate is valid for another year. Could this be causing the issue?
We tried installing a new certificate but the issue still persists. The revocation check is still failing.
We downloaded the root and the subordinate CA CRL’s and installed It on the exchange servers and still no luck.
Running out of ideas.
did you change anything related to internet access on exchange server?
The error is causing because public CA cert is failing to contact CDP and AIA locations
allow server internet access without proxy authentication if already configured and check
Else from IE options \ advanced, deselect checkboxes "check for server certificate revocation" and check for publisher certificate revocation and restart IIS (iisreset) and close / open exchange console
The error is causing because public CA cert is failing to contact CDP and AIA locations
allow server internet access without proxy authentication if already configured and check
Else from IE options \ advanced, deselect checkboxes "check for server certificate revocation" and check for publisher certificate revocation and restart IIS (iisreset) and close / open exchange console
As commented above please make sure it has Internet access when installing certificate.
Please make sure required names are there in the certificate and is valid and ensure IIS enabled on the right certificate.
Please check your autodiscover is configured properly.
Please make sure required names are there in the certificate and is valid and ensure IIS enabled on the right certificate.
Get-ExchangeCertificate | fl Issuer,NotAfter,CertificateDomains,servicesPlease check your autodiscover is configured properly.
Get-clientAccessServer | fl Name,AutoDiscoverServiceInternalUri
Are able to access OWA WITHOUT issue?
Check CA server if it's private certificate or either Internet access.
Try different clients in different subnets, it could be network issue or internet proxy.
I assumed that Exchange URLs and Internal Uri configured with DNS names in certificate.
Check CA server if it's private certificate or either Internet access.
Try different clients in different subnets, it could be network issue or internet proxy.
I assumed that Exchange URLs and Internal Uri configured with DNS names in certificate.
First, check the certificate assigned to IIS and make sure is has mail.abc.com listed as the common name or a subject alternate name. If it doesn't, you need to either reconfigure your URLs to match a name that is on the certificate or replace that certificate. Revokation Check Failed will not prevent the server from functioning properly.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
All of the users facing issue?
Do you have any proxy configured to access internet ?