none
Security Alert When opening outlook

    Question

  • I have 2 users in the same office that are the only ones affected by this.  When we open outlook we get 2 security alerts asking us if we want to proceed.  It says there is a problem with the site's security certificate.  Why would i get that with exchange.  Thats something i would think being an issue with OWA, not exchange..   it comes up 2 times, once for   server.domain.local. and again for autodiscover, i've tried installing the certificate.  But i don't know why its only happening on 2 computers
    Tuesday, February 20, 2007 4:02 PM

Answers

All replies

  • I would check to see if these 2 clients were indeed connecting using MAPI (TCP) or if they were using RPC/HTTPS - my guess would be the latter.

    To check, when you open outlook, hold down CTRL and Left Click the Outlook Icon system tray the select Connection Status

    Wednesday, February 21, 2007 8:58 AM
  • it says TCP
    Wednesday, February 21, 2007 4:18 PM
  • Did you ever resolve this issue?  I'm having the same problem.
    Monday, March 19, 2007 3:33 PM
  • I am having the same issue. I cannot connect to an exchange server due to this error.
    Friday, March 23, 2007 6:04 PM
  • Looks like you dont have configured Autodiscover feature on Exchange correctly when connecting from internal network

    http://technet.microsoft.com/en-us/library/bb124251.aspx

    /Lasse

     

    Saturday, March 24, 2007 3:39 PM
  • I would say this issue is more likely connected to activesync, try upgrading if using it
    Thursday, April 26, 2007 4:22 PM
  • I am having the sme problem as well with the outlook 2007 and exchange 2007.  The client sees what appears to be an external certificate.  I understand it is an autodiscover setting but what exactly needs to be configured.  All internal clients get teh Security Alert pop up.

    Tuesday, September 18, 2007 2:32 PM
  • Follow the steps in the following article to create an Exchange certificate using the management shell:

    http://technet.microsoft.com/en-us/library/aa995942.aspx

     

    Then make sure you have a DNS record for autodiscover.domain.com to your client access server.

     

    Thursday, September 20, 2007 12:33 AM
  •  

    Same problem here is well.  I'm not seeing in any of the posts or making the connection on why a ceritificate is even involved here with a mapi client.
    Tuesday, March 18, 2008 4:13 AM
  •  

    Outlook versions 2003 Sp2 & 3 and 2007 all use something called Exchange Web Services (hosted on the Client Access Server) to get the OAB, Availability Schedules & OOF functionality regardless of whether connected via MAPI or RPC/HTTPS.

     

    For this reason it is a best practise to ensure that your CAS Server Sefl-Signed Certificates are replaced with either Internal or External Trusted Certificates to avoid any communication issues like those being faced by posters in this thread.

    Tuesday, March 18, 2008 4:27 AM
  • Only Outlook 2007 uses Exchange Web Services.

    but I agree that the self signed cert should be replaced.

     

    for outlook 2007 to know where the EWS,OAB, OOF is located (which URL) you should configure the autodiscover function on Exchange 2007 server.

     

     

    Tuesday, March 18, 2008 9:10 AM
  • I am getting this error on only 1 users laptop. We are running Outlook 2007 but its a 2003 Exchange server. Is there a way to shut this off in Outlook?

    Thursday, October 09, 2008 7:31 PM
  • I had the same problem ...
    Took me a while to discover a solution ...
    Found this ... http://trycatch.be/blogs/pdtit/archive/2008/01/30/outlook-2007-autodiscover-authentication-popup-mistery.aspx ... worked for me!  Smile

    Basically an IE proxy issue ... add your domains as exception to the proxy and bobs your uncle!  Smile

    There may of course be an underlying issue - but this sorted it for us ...
    Good luck people!

    Cheers!
    Tuesday, October 21, 2008 11:14 PM

  • I'm having the same problem, but I'm not using a proxy server.   Has anyone else dealt with this?
    Friday, June 12, 2009 10:35 PM
  • Max - I'm having the same problem and I do not use a proxy server.  Did you find a resolution to this problem?  Thanks!
    Tuesday, September 08, 2009 2:55 PM
  • I searched for this issue today and found a potential solution here:
    http://forums.asp.net/t/1140893.aspx?PageIndex=3#2791220

    I hope this helps.
    Wednesday, September 16, 2009 8:32 PM
  • I was getting two security messages.  Autodiscover was looking at the external certificate.  I went into IIS and pur in a HTTP redirect to the name of the internal exchange server.  That fixed one of the security messages.  I am still working on the other.
    Tuesday, September 29, 2009 6:15 PM
  • Wednesday, September 30, 2009 3:29 AM
  • THIS WORKED!!!  I searched all over, and this took care of the issue I was having with Outlook giving me 2 different Security Alerts!

     

    http://support.microsoft.com/kb/940726

    Friday, September 17, 2010 12:06 AM
  • This worked for me as well!
    Thursday, April 28, 2011 7:26 PM
  • Hi everyone, I am also getting this same problem after the existing SBSCertificate.cer had expired and I created a new one in the SBS console, now all my client laptops which are also configured to use RPC over HTTPS are all coming up with two Security Alert messages....  why ?????

    Does this normally go wrong like this when the original certificate expires ?

    Have I renewed / replaced this in an incorrect manner ?

    I don't seem to be getting any issues with mobile phones which connect externally other than initially prompting that there is a new certificate and then clicking on continue to install it.

    What is the correct procedure here to avoid all this monkey business in the first place ?

    Everything was working just fine until I reneweed / replaced the expired SCSCertificate through the SBS console.

    If it is something to do with Autodiscover being wrong then why was it working OK up until i replaced it ?

    Mike

    Wednesday, July 18, 2012 9:47 AM
  • I'm getting this error on 2 users on our terminal server. Nobody else gets this cert error.  We found in the Certs list for this user our Mail.xxx.com cert from godaddy.com no on else has this. We disabled it and the cert error still occurs. It does not appear every time OL is launched and it can pop-up when simply sitting on the inbox.  OL is 2007, Exchange is 2010.

    Any ideas what I'm missing before I follow the KB940726 instructions and impact the other 35 users?

    Larry


    • Edited by Mudoch2505 Thursday, August 09, 2012 1:17 PM
    Thursday, August 09, 2012 1:08 PM
  • Worked like a charm!
    Sunday, August 25, 2013 4:52 PM