none
This certificate with thumbprint ********* and subject '*.yourdomain.com' cannot used for POP SSL/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command Set-POPSettings to set X509CertificateName to the FQDN of the se RRS feed

  • Question

  • Hi All,

    We have on on-prem. Exchange server 2013 server, with DAG configured on the same. when we assigning POP and IMAP services on wildcard certificate it showing below error.

    "This certificate with thumbprint ********* and subject '*.yourdomain.com' cannot used for POP SSL/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command Set-POPSettings to set X509CertificateName to the FQDN of the service."

    due to this we are facing certificate error popups at client end where we have configured POP and Imap a/c.

    Please help us to resolve this issue.

     

     


    Regards, Prashant


    Tuesday, June 12, 2018 7:44 AM

All replies

  • Hi Prashant,

    Is it a wildcard certificate with "*.yourdomain.com"?

    If so, please set a value of X509CertificateName by Set-POPSettings or Set-IMAPSettings. For example:
    Set-POPSettings -X509CertificateName mail.yourdomain.com
    Set-IMAPSettings -X509CertificateName mail.yourdomain.com
    Note: "Mail.yourdomain.com" the DNS record is existing, and including by "*.yourdomain.com".

    After that, restart all POP and IMAP service on each Exchange server.

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Wednesday, June 13, 2018 3:42 AM
    Moderator
  • Hi Allen,

    We have already added Exchange FQDN on popsettings and imapsettings on exchange server.

    is there any issue if we are using wildcard certificate on exchange server 2013.



    Regards, Prashant

    Wednesday, June 13, 2018 9:39 AM
  • It should be working fine with wildcard certificate.
    Do you experience any other issue now during monitoring?

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Wednesday, June 20, 2018 9:53 AM
    Moderator
  • Hi,

    Any further help we can do for you?
    If it's solved, would you please post the solution here to share it with us?

    Also, please free to mark the useful reply as answer. Thanks for your cooperation.

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, June 25, 2018 2:09 AM
    Moderator
  • Hi,

    Sorry to interrupt your again.
    I just want to check the current status of your question.
    Is there any update or any other assistance I could provide on this issue? 

    Please feel free to mark responses as the answer and/or vote them helpful as appropriate.
    Thank you for your understanding and patience! 

    Best Regards,
    Allen Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, July 2, 2018 2:02 AM
    Moderator
  • Hi I am facing the same issue with our Exchange servers.

    Set-ImapSettings -X509CertificateName webmail.domain.ae

    but still facing issue, any resolutions please.

    

    Monday, August 19, 2019 5:41 AM
  • Hi,

    i am facing the same issue!

    cheers

    Tuesday, August 20, 2019 11:34 AM
  • +1

    I also am having the same issue.  Our wildcard is "*.ourdomain.com" and both POP and IMAP settings do show "email.ourdomain.com" already, I did not need to set it.  But, I am getting the same error as others.


    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.

    Monday, November 11, 2019 11:56 AM