none
exchange 2013 certificate request auto discovery not working

    Question

  • Hi I have generated an ssl certificate request and installed it to the server but unfortunately auto discovery still does not work and also outlook anywhere still has a certificate error when web page is displayed. everything points to remote.domain.co.uk and cant see where I went wrong
    Monday, June 24, 2013 7:26 PM

Answers

  • You can either put mail.mydomain.co.uk on the certificate, or change your OWA/ECP URL, you should be sure it wont affect anything else like reverse proxy, NLB or like.


    Bruce Jourdain de Coutance - Consultant Exchange http://brucejdc.blog.free.fr

    Tuesday, June 25, 2013 6:54 PM

All replies

  • Hello,

    Please make sure whether you have assigned services to the certificate that you apply.

    I suggest you use the get-exchangecertificate to check your certificate.

    Please make sure whether your certificate name contains your domain name and autodiscover name.


    Cara Chen
    TechNet Community Support

    Tuesday, June 25, 2013 7:00 AM
  • A certificate request don't have a private key unless you sign it with a certificate authority, so you can't use it. You either need to generate a self signed certificate or proceed the request to a certificate authority.

    Then you need to enable the certificate for IIS on the appropriate CAS servers.


    Bruce Jourdain de Coutance - Consultant Exchange http://brucejdc.blog.free.fr

    Tuesday, June 25, 2013 7:51 AM
  • I have a signed certificate from a provider but it still does not work as I think I made the request wrongly in the auto discovery section as all the other settings are as follows "remote.mydomain.co.uk but I don't see that in the auto discovery section all I see is my local server and domain and i'm not sure if you have to edit this part
    Tuesday, June 25, 2013 2:37 PM
  • Did you configure InternalURL and ExternalURL on your CAS virtual directory?

    Did you configure the SCP autodiscover URL?

    If you have a email like toto@mydomain.com, do you have a DNS record like autodiscover.mydomain.com ?

    Is your AD domain name the same as your Internet domain name?



    Bruce Jourdain de Coutance - Consultant Exchange http://brucejdc.blog.free.fr

    Tuesday, June 25, 2013 2:55 PM
  • I have all of these except my AD domain name is server.domain.local

    and not sure about SCP autodiscover URL

    Tuesday, June 25, 2013 3:13 PM
  • The SCP is the first used into the autodiscover process.

    You can set it with :

    Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://myserver.mydomain.com/autodiscover/autodiscover.xml
    Source : http://technet.microsoft.com/en-us/library/bb125157(v=exchg.141).aspx


    Bruce Jourdain de Coutance - Consultant Exchange http://brucejdc.blog.free.fr

    Tuesday, June 25, 2013 3:23 PM
  • it looks like my virtual directories are set wrong they have in them mail.mydomain.co.uk in owa and ecp everthing else is set as remote.mydomain.co.uk is it OK to change the virtual setting to match or will it stop the mail from coming in ?
    Tuesday, June 25, 2013 3:49 PM
  • You can either put mail.mydomain.co.uk on the certificate, or change your OWA/ECP URL, you should be sure it wont affect anything else like reverse proxy, NLB or like.


    Bruce Jourdain de Coutance - Consultant Exchange http://brucejdc.blog.free.fr

    Tuesday, June 25, 2013 6:54 PM