locked
Exchange Server 2010 and Outlook Certs RRS feed

  • Question

  • I have a recently deployed Exchange 2010 Server; setup a cert for OWA and mobile use.  Everything is working fine on that front.  

    My issue arises with internal clients connecting with Outlook (all versions).  "The name on the security certificate is invalid or does not match the name on the site.  This tells me that Exchange is using my External Cert for my internal connection with Outlook clients.  I've troubleshot this a bit (with the fear of breaking exchange and/or owa) and it feels like I'm going to confuse myself before to long.  

    I go to Exchange Console > Server Config > Mail Server > Exchange Certificates


    -Noname Cert- The first cert with no name, uses WMSvc, this can be removed due to having no services?

    -####Mail- Was my first attempt with an external that had an issue, I do believe I've properly revoked it.  

    -mail.####us- Is my current Cert that works with my OWA/mobile site/users; it also appears to be the attempting to work internally.

    -Microsoft Exchange- My self signed cert that I attempted to make work internally for Outlook users.

    <img alt="Server Conig > Mail Server > Exchange Certs" src="http://social.msdn.microsoft.com/Forums/getfile/143736" />

    Any suggestions or advice about working with these?  More than anything I've got happy users (with the exception of this cert issue) and I don't want to stir the flock by any means.  

    Thanks in advance.
    Brian

    Thursday, July 26, 2012 3:05 PM

Answers

  • As that is returning the message 'a positional paramater cannot be found that accepts argument '-AutodiscoverServiceInternalUrl'
    Use the right parameter... AutodiscoverServiceInternalUri and it will work for you (*Url vs *Uri).

    Martina Miskovic

    Thursday, July 26, 2012 6:55 PM
  • the same as your external namespace.

    Sukh

    Thursday, July 26, 2012 5:49 PM

All replies

  • You need to follow this http://support.microsoft.com/kb/940726


    Sukh

    Thursday, July 26, 2012 4:06 PM
  • I did go through this late last week.  Should I be setting these to point to mail.###.us or internal to mail.###.local? 

    The EWS and Offline Address Book work without any problem.  UM Web Service also fails however we're not utilizing Unified Messaging services.  

    Set-ClientAccessServer returns:  

    ClientAccessFailureMessage

    Thursday, July 26, 2012 5:40 PM
  • the same as your external namespace.

    Sukh

    Thursday, July 26, 2012 5:49 PM
  • Thanks for your quick replies Sukh.  

    I've got them set to my external namespace, with the exception of the Set-ClientAccessServer -Identity <var>CAS_Server_Name</var> -AutodiscoverServiceInternalUrl https://<var>mail</var>.contoso.com/autodiscover/autodiscover.xm, 

    As that is returning the message 'a positional paramater cannot be found that accepts argument '-AutodiscoverServiceInternalUrl'

    I'm assuming that still getting the messages is a result of the Autodiscover service is the issue?

    Thursday, July 26, 2012 6:43 PM
  • As that is returning the message 'a positional paramater cannot be found that accepts argument '-AutodiscoverServiceInternalUrl'
    Use the right parameter... AutodiscoverServiceInternalUri and it will work for you (*Url vs *Uri).

    Martina Miskovic

    Thursday, July 26, 2012 6:55 PM
  • see what Martina has wrote, Its in the kb I posted.

    Sukh

    Thursday, July 26, 2012 7:00 PM
  • That thud you may have heard was my head hitting the desk.  I noticed that while going through this last week and thought it couldn't be correct, random typo....must type Url.

    Thank you both for your quick responses.  

    Thursday, July 26, 2012 7:13 PM
  • That thud you may have heard was my head hitting the desk.  I noticed that while going through this last week and thought it couldn't be correct, random typo....must type Url.

    Thank you both for your quick responses.  


    Tip: Start using Tab Completion :)

    Martina Miskovic

    Thursday, July 26, 2012 7:15 PM
  • Point very well taken.  
    Thursday, July 26, 2012 8:01 PM