New Exchange 2016 Installation All Devices Connect Fine Except Androids

WORKS2011
WORKS2011 used Ask the Experts™
on
Removed a SBS2011 and migrated to a Server 2016 with 1st VM (PDC) and 2nd VM(Exchange 2016). Rekeyed the cert and everything works fine except Android devices. Get this error.
login error
Allot of information on the internet but haven't seen anything that's helped resolve the issue.

Microsoft updating the TLS to 1.2, but providers not having done this, as we are all having this problem with mobile phones and tablets using Outlook.
Some information about this on the internet but the links don't really give any resolution.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Jose Gabriel Ortega CastroTop Rated Freelancer on MS Technologies
Awarded 2018
Distinguished Expert 2018

Commented:
Well if the problem is on the certificate, then the problem is simple, he has to get a new certificate that allows TLS 1.2 and is correctly signed.
At least that you want to implement Certificate authentication with these devices.

https://support.kaspersky.com/13694
WORKS2011Managed IT Services, Cyber Security, Backup

Author

Commented:
Jose, certs always seem to get the best of me. Turns out the local computers Outlook connects but this cert error pops up.
cert
This doesn't have anything to do with remote though, correct?

I added all the names to the certs but maybe forgot this one.
WORKS2011Managed IT Services, Cyber Security, Backup

Author

Commented:
The GoDaddy cert I didn't add exchange.domain.local, should I have added this to the cert?

Certs on the server
Cert I created from GoDaddy
certBuilt in cert
cert3
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Jeff GloverSr. Systems Administrator

Commented:
You can't add a .local to a GoDaddy cert. Support was discontinued for that years ago. What services are connected to your GoDaddy cert?
WORKS2011Managed IT Services, Cyber Security, Backup

Author

Commented:
Hi Jeff, IIS and SMTP
Jeff GloverSr. Systems Administrator

Commented:
How many Exchange servers do you have?
WORKS2011Managed IT Services, Cyber Security, Backup

Author

Commented:
1
Jose Gabriel Ortega CastroTop Rated Freelancer on MS Technologies
Awarded 2018
Distinguished Expert 2018

Commented:
I think that the problem is that you haven configured correctly the certs on the exchange server
WORKS2011Managed IT Services, Cyber Security, Backup

Author

Commented:
...and how do you recommend I configure them?

I added a forward lookup zone in my DNS for the .com domain and added host A records for www, remote, and autodiscovery. Testing now.
Top Rated Freelancer on MS Technologies
Awarded 2018
Distinguished Expert 2018
Commented:
Like this
Get-ExchangeCertificate

Open in new window


find the one you got from goddady and get the thumbprint

then >

Get-ExchangeCertificate -thumbprint xxxxxx | Enable-ExchangeCertificate -services IIS,SMTP

Open in new window


Then Set the internal and external urls
you can use this one:
https://gallery.technet.microsoft.com/office/Script-to-configure-the-5a58558b

And finally
IISRESET

Open in new window

WORKS2011Managed IT Services, Cyber Security, Backup

Author

Commented:
Turned out an internal URL in the virtual directories was misconfigured. Corrected this and only other issue was external website didn't pull up on the LAN so I added a host A record with external IP. All is working now.
WORKS2011Managed IT Services, Cyber Security, Backup

Author

Commented:
I think I finally have certs figured out. As you can see in a previous post regarding certs and exchange I seem to run into bottlenecks. Turned out an internal URL in the virtual directories was misconfigured. Corrected this and only other issue was external website didn't pull up on the LAN so I added a host A record with external IP. All is working now.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial