locked
security alert opening outlook RRS feed

  • Question

  • I have an exchange server 2007 running on widow’s server 2008 split on two separate servers.

    Server one: exchange management tools and client access server

    Server two: exchange management tools, mailbox server and hub transport

     

    I have IIS7 installed on both servers (the mailbox and hub would not install without it) and the client access has it for OWA.  I have installed a SSL certificate for the outside access OWA, and I have also placed the common name on the external URL on the CAS server properties/ Outlook Anywhere I also have NTLM for authentication method. 

    That seems to work fine from the outside, inside when I launch outlook 2007 to connect to the exchange server on my network, I get this security alert.  I have even installed the cert, however I get this every time I open outlook. 

    ***************************************
    *  Security Alert                                          *
    *                                                                  *
    * Information you exchange with this site  *
    * cannot be viewed or changed by others  *
    * However, there is a problem with the     *
    * site's security certificate.                        *
    *                                                                   *
    *  The Security Certificate is from a trusted *
    * authority                                                     *
    *                                                                    *
    * The security certifiace date is valad          *
    *                                                                     *
    * The name on the security certificate is      *
    * invalid or does not match the name of the *
    * site.                                                              *
    *                                                                       *
    * Do you want to proceed?                              *
    *                                                                       *
    *      Yes   No   View Certificate                       *
    **************************************


    I get this prompt at least three times.  the odd thing is I am migrating to this server from a exchange 2003 (same forest and domain) and some users on the old 2003 server also get this error and outlook is configured to connect to the 2003 server not 2007. 

    soon I will move everybody to the 2007 server and retire the 2003 server, I just dont want to here every complain about getting prompted everytime they open outlook.

    I dont have a mulitple entry cert to add the local site name to the cert.

    any ideas as how to avoid this security alert on the local domain?

    Thanks,

    How can prevent this from happening on my internal network?


    Wednesday, November 4, 2009 9:00 PM

Answers

  • http://support.microsoft.com/kb/940726
    Security warning when you start Outlook 2007 and then connect to a mailbox that is hosted on a server that is running Exchange Server 2007 or Exchange Server 2010: "The name of the security certificate is invalid or does not match the name of the site"


    • Marked as answer by mc1984 Wednesday, November 4, 2009 10:16 PM
    Wednesday, November 4, 2009 9:04 PM

All replies

  • http://support.microsoft.com/kb/940726
    Security warning when you start Outlook 2007 and then connect to a mailbox that is hosted on a server that is running Exchange Server 2007 or Exchange Server 2010: "The name of the security certificate is invalid or does not match the name of the site"


    • Marked as answer by mc1984 Wednesday, November 4, 2009 10:16 PM
    Wednesday, November 4, 2009 9:04 PM
  • Andy,

    I must be doing something incorrectly, I keep getting an error everytime I attempt the following according to kb940726

    PS C:\Windows\System32> Set-ClientAccessServer-AutodiscoverServiceInternalUri https://mail.ce.wisconsin.edu/autodiscover/autodiscover.xml
    The term 'Set-ClientAccessServer-AutodiscoverServiceInternalUri' is not recognized as a cmdlet, function, operable prog
    ram, or script file. Verify the term and try again.
    At line:1 char:54

    any ideas?
    Thursday, November 5, 2009 1:57 PM
  • Make sure you are using the Exchange Powershell, not the generic Windows Powershell
    Thursday, November 5, 2009 2:06 PM
  • oops,  my mistake, I had a shortcut and it was in fact the windows power shell.

    Thursday, November 5, 2009 2:31 PM
  • What exactly should be entered in place of



    CAS_Server_Name

    "CAS_Server_Name</var>\EWS (Default Web Site)"

    "CAS_Server_name\oab (Default Web Site)"

    "CAS_Server_Name\unifiedmessaging (Default Web Site)"



    Thank you.
    Sunday, February 28, 2010 7:26 PM
  • The name of the Client Access Server.

    Sunday, February 28, 2010 7:54 PM
  • sorry no help for admin begginer :-) .
    Probably a simple question but I'm getting lumps on my head from banging it
    against my desk.
    How can I get this name ? Same name as server name ? Example pls..

    Thank you

    Sunday, February 28, 2010 8:19 PM
  • I have a similar problem with the security certificate, except only two users out of 600 are getting the prompt when they open outlook '07. Before I make a change I would like to know if it would adversely affect everyone else or is there something I may be able to do to the clients that are affected? 

    Thanks
    Tony

    This is what we did and it seemed to work

    Created a new user profile and then copied over the old and it worked. No more Cert pop-up
    • Proposed as answer by trons4u Thursday, March 4, 2010 7:16 PM
    Tuesday, March 2, 2010 6:34 PM