locked
Exchange 2010 SSL Certificate error? RRS feed

  • Question

  • Sir,

    We have Win2k8 server and exchange 2010 sp3 updated server.

    But from last 15 days one of the external user is facing this issue as per the attached file.

    Outlook is configured successfully on other users end and internal users also facing the same issue.

    SSL cert error?

    Please suggest me what to do on the server end?

    Thanks 

    Shrikant 


    Thursday, May 2, 2013 12:14 PM

Answers

  • Hi Shrikant,

    You may test the following settings at exchange server and if required to set the values again

    1. Get-ClientAccessServer |fl AutodiscoverServiceInternalUri

    2. Get-WebServicesVirtualDirectory | fl InternalUrl

    3. Get-OABVirtualDirectory | fl InternalURL

    4. Get-ActiveSyncVirtualDirectory | fl InternalURL

    Also use www.testexchangeconnectivity.com url to find any issues in certificates or anywhere in exchange


    Regards from ExchangeOnline | Windows Administrator's Area

    • Marked as answer by sawagh03 Tuesday, May 21, 2013 7:00 AM
    Thursday, May 2, 2013 1:18 PM
  • Hi Shrikant,

    So the issue only affects one external user, all other users are working fine, right?

    If this is the case, please check with the affected user to see if he/she has multiple email account setup in Outlook;

    Besides, run Test Email AutoConfiguration from the affected client to see what urls is returned under EXPR; and then run Get-ExchangeCertificate |Fl from Exchange server to see if there is any mismatch.

    Hope it is helpful.


    Fiona Liao
    TechNet Community Support

    • Marked as answer by sawagh03 Tuesday, May 21, 2013 6:59 AM
    Friday, May 3, 2013 6:39 AM
    Moderator

All replies

  • Hi Shrikant,

    You may test the following settings at exchange server and if required to set the values again

    1. Get-ClientAccessServer |fl AutodiscoverServiceInternalUri

    2. Get-WebServicesVirtualDirectory | fl InternalUrl

    3. Get-OABVirtualDirectory | fl InternalURL

    4. Get-ActiveSyncVirtualDirectory | fl InternalURL

    Also use www.testexchangeconnectivity.com url to find any issues in certificates or anywhere in exchange


    Regards from ExchangeOnline | Windows Administrator's Area

    • Marked as answer by sawagh03 Tuesday, May 21, 2013 7:00 AM
    Thursday, May 2, 2013 1:18 PM
  • Hi Shrikant,

    So the issue only affects one external user, all other users are working fine, right?

    If this is the case, please check with the affected user to see if he/she has multiple email account setup in Outlook;

    Besides, run Test Email AutoConfiguration from the affected client to see what urls is returned under EXPR; and then run Get-ExchangeCertificate |Fl from Exchange server to see if there is any mismatch.

    Hope it is helpful.


    Fiona Liao
    TechNet Community Support

    • Marked as answer by sawagh03 Tuesday, May 21, 2013 6:59 AM
    Friday, May 3, 2013 6:39 AM
    Moderator
  • Dear

    First Thanks for the support.

    As per the above suggestion regarding to Auto Email Configuration xml result we pasted over hear.

    It showing the EXPR url.

    <?xml version="1.0" encoding="utf-8"?>

    <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
      <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
        <User>
          <DisplayName>Helpdesk1</DisplayName>
          <LegacyDN>/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=Helpdesk1</LegacyDN>
          <AutoDiscoverSMTPAddress>helpdesk1@techfabindia.com</AutoDiscoverSMTPAddress>
          <DeploymentId>f3366589-112a-447c-91b6-4e5824ed4ff1</DeploymentId>
        </User>
        <Account>
          <AccountType>email</AccountType>
          <Action>settings</Action>
          <Protocol>
            <Type>EXCH</Type>
            <Server>EXCH2K10.techfab.local</Server>
            <ServerDN>/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCH2K10</ServerDN>
            <ServerVersion>7383807B</ServerVersion>
            <MdbDN>/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=EXCH2K10/cn=Microsoft Private MDB</MdbDN>
            <PublicFolderServer>EXCH2K10.techfab.local</PublicFolderServer>
            <AD>EXCH2K10.techfab.local</AD>
            <ASUrl>https://webmail.techfabindia.com/ews/exchange.asmx</ASUrl>
            <EwsUrl>https://webmail.techfabindia.com/ews/exchange.asmx</EwsUrl>
            <EcpUrl>https://exch2k10.techfab.local/ecp/</EcpUrl>
            <EcpUrl-um>?p=customize/voicemail.aspx&amp;exsvurl=1</EcpUrl-um>
            <EcpUrl-aggr>?p=personalsettings/EmailSubscriptions.slab&amp;exsvurl=1</EcpUrl-aggr>
            <EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?exsvurl=1&amp;IsOWA=&lt;IsOWA&gt;&amp;MsgID=&lt;MsgID&gt;&amp;Mbx=&lt;Mbx&gt;</EcpUrl-mt>
            <EcpUrl-ret>?p=organize/retentionpolicytags.slab&amp;exsvurl=1</EcpUrl-ret>
            <EcpUrl-sms>?p=sms/textmessaging.slab&amp;exsvurl=1</EcpUrl-sms>
            <OOFUrl>https://webmail.techfabindia.com/ews/exchange.asmx</OOFUrl>
            <UMUrl>https://webmail.techfabindia.com/ews/UM2007Legacy.asmx</UMUrl>
            <OABUrl>https://webmail.techfabindia.com/oab/1005c7f3-9e5b-4b7c-aeba-5a5fc5c89344/</OABUrl>
          </Protocol>
          <Protocol>
            <Type>EXPR</Type>
            <Server>webmail.techfabindia.com</Server>
            <SSL>On</SSL>
            <AuthPackage>Basic</AuthPackage>
            <ASUrl>https://webmail.techfabindia.com/ews/exchange.asmx</ASUrl>
            <EwsUrl>https://webmail.techfabindia.com/ews/exchange.asmx</EwsUrl>
            <EcpUrl>https://webmail.techfabindia.com/ecp/</EcpUrl>
            <EcpUrl-um>?p=customize/voicemail.aspx&amp;exsvurl=1</EcpUrl-um>
            <EcpUrl-aggr>?p=personalsettings/EmailSubscriptions.slab&amp;exsvurl=1</EcpUrl-aggr>
            <EcpUrl-mt>PersonalSettings/DeliveryReport.aspx?exsvurl=1&amp;IsOWA=&lt;IsOWA&gt;&amp;MsgID=&lt;MsgID&gt;&amp;Mbx=&lt;Mbx&gt;</EcpUrl-mt>
            <EcpUrl-ret>?p=organize/retentionpolicytags.slab&amp;exsvurl=1</EcpUrl-ret>
            <EcpUrl-sms>?p=sms/textmessaging.slab&amp;exsvurl=1</EcpUrl-sms>
            <OOFUrl>https://webmail.techfabindia.com/ews/exchange.asmx</OOFUrl>
            <UMUrl>https://webmail.techfabindia.com/ews/UM2007Legacy.asmx</UMUrl>
            <OABUrl>https://webmail.techfabindia.com/OAB/1005c7f3-9e5b-4b7c-aeba-5a5fc5c89344/</OABUrl>
          </Protocol>
          <Protocol>
            <Type>WEB</Type>
            <Internal>
              <OWAUrl AuthenticationMethod="Basic, Ntlm, Fba, WindowsIntegrated">https://exch2k10.techfab.local/owa/</OWAUrl>
              <Protocol>
                <Type>EXCH</Type>
                <ASUrl>https://webmail.techfabindia.com/ews/exchange.asmx</ASUrl>
              </Protocol>
            </Internal>
            <External>
              <OWAUrl AuthenticationMethod="Fba">https://webmail.techfabindia.com/owa/</OWAUrl>
              <Protocol>
                <Type>EXPR</Type>
                <ASUrl>https://webmail.techfabindia.com/ews/exchange.asmx</ASUrl>
              </Protocol>
            </External>
          </Protocol>
        </Account>
      </Response>
    </Autodiscover>

    If it showing the correct url then where is the ssl problem we don't know?

    Please suggest me.

    Thanks

    Shrikant.

    Thursday, May 9, 2013 11:08 AM