the security certificate has expired or is not yet valid in outlook 2007

Status
Not open for further replies.
J

Jaita

Hi, We have exchange server 2007 and outlook 2007 clients. After one year of installation we get the security warning " the security certificate has expired or is not yet valid" twice when we launch outlook 2007. I have checked the exchange certificates ( Get-ExchangeCertificate | fl in exchange management ) and in IIS certificates( server certificates ), but the expired certificate shown by outlook is not there. I also notice that I do not get this security warning when the default web site is stopped or when the www service is stopped.

How can I find where is this purticular certificate used on the server.

Regards

Jai
 
A

AndyD_ [MVP]

Has the certificate that you are using been enabled for all the necessary services on the CAS?

If you open up MMC on the server and add the certificates snap-in, so you see the certificate listed anywhere in the certificate store for that server?
 
S

Sembee [MVP]

When you get te certificate prompt you can choose to view the certificate. That may well show you where the certificate prompt is coming from. It could be that the client is connecting to a server that you aren't expecting as part of the autodiscover process.

Simon.
 
J

Jaita

Hi Andy, The certificate warning prompted while launching outlook shows that it is for the mail server(single server with mailbox, CAS & Hub Transport roles). When I list the certificates in exchange management shell, it is not available there. I can not see it any where in the certificates console as well. I tried even in the IIS server certificates and it is not there.

Regards

Jai
 
J

Jaita

The certificate warning prompted while launching outlook shows that it is from the mail server. When I stop the default web site on the exchange server, the certificate warning does not come. So it is confirmed that it is from the mail server.

Jai
 
G

Gen Lin

Hi,

To resolve this issue, you need to create a new certificate for exchange server.

If you are using a exchange self signed certificate, please follow these steps to create a new certificate:

Step 1: Delete the expired certificate:

a. Run get-exchangecertificate |fl , please note the Thumbprint number of the expired certificate, such as 5113ae0233a72fccb75b1d0198628675333d010e.

b. Run remove-exchangecertificate -thumbprint 5113ae0233a72fccb75b1d0198628675333d010e to delete this expired certificate.

Step 2: Generate a new exchange certificate

new-exchangecertificate

If You may get a prompt to overwrite the default SMTP certificate. type A to overwrite it.

Step 3: Enable this new certificate for the exchange services:

Enable-exchangecertificate -thumbprint <the new certificate you just created> -services:IIS,SMTP,POP,IMAP

More information, please refer the following link:

http://technet.microsoft.com/en-us/library/aa997231(EXCHG.80).aspx

Thanks
 
A

AndyD_ [MVP]

When you view the cert that is throwin the error from the client, what is the expiration date?
 
J

Jaita

Hi Gen Lin,

I cannot delete the expired certificate because I cannot see it when I run get-exchangecertificate |fl command.
 
J

Jaita

Hi Andy, The expiration date is 8/17/2010.

Also note that when I search for the thumbprint of the invalid certificate in the mail servers' registry I can see it under HKLM>Software>Microsoft>SystemCertificates>My>Certificates.
 
A

AndyD_ [MVP]

If you see it in the registry, then it should be viewable in the Personal Certificate store of the server viewed with the MMC/Certificates Snap-in .

Either way, I would remove the invalid cert. Just make sure you have a good one that you can reenable for the correct services if necessary or it removing it breaks something.
 
G

Gen Lin

Hi,

Did you run get-exchangecertificate |fl in exchange management shell.

What's result you got after running this command?



 
J

Jaita

Hi Andy & Gen Lin,

The problem is solved finally. Here is what I have done.

I have deleted the expired certificate from registry.

Created a new self signed certificate. noticed that this has only IMAP, POP and SMTP services. So I enabled this certificate for IIS as well. Now the security warning does not appear.

Thanks a lot for your help.

Regards

Jai
 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
A The Security certificate has Expired or is not yet valid Exchange Server Administration 2
J Is it no longer possible to suppress Outlook 2019 Invalid Certificate name mismatch security alert via Registry? Using Outlook 1
M 3rd Party Certificate now Security Alert Exchange Server Administration 2
Diane Poremsky The security certificate is not from a trusted certifying authority New Slipstick.com Articles 0
T Outlook 2007 SSL selfsigned certificate how to stop security popup everytime? Using Outlook 10
J "The server you are connected to is using a security certificate that cannot be verified" Using Outlook 2
S Outlook 2007 POP The serveryou are connected to using a security certificate that cannot be verified Using Outlook 5
V Security Certificate error in Outllook 2010. Using Outlook 2
E The server you are connected to is using a security certificate that cannot be verified. The target Using Outlook 4
D Server security certificate error on Outlook 2007 Using Outlook 3
B Re: The server you are connected to is using a security certificate that could not be verified. The Using Outlook 4
S After installing 3rd party Certificate for IIS , prompt warning for mapi clients the name on security certificate is invalid , Exchange Server Administration 3
M Exchange 2010 and Outlook 2010 - The name on the security certificate is invalid Exchange Server Administration 3
H Internet Security Warning for a security certificate Using Outlook 6
A Another 'The name of the security certificate is invalid or does not match the name of the site' problem Exchange Server Administration 6
T Outlook 2007 Autodiscover Security Alert (The name on the security certificate is invalid or does n Using Outlook 3
C "Name on the Security Certificate is Invalid or Does not Match..." using Outlok 2007 w/ Exchange 200 Using Outlook 59
DoctorJellybean Windows Security Credentials appears once a day Using Outlook 2
noshairwan Registry cannot be found, Outlook Security Using Outlook 2
D Security patch seems to kill vbscript on Enterprise Level Outlook VBA and Custom Forms 4
Diane Poremsky Outlook Email Security Update New Slipstick.com Articles 0
J Customize Attachement Security Warning Using Outlook 1
I Microsoft Security Update KB3097877 Using Outlook 14
smokiibear windows security mail application not accepting username and password Using Outlook 0
B Outlook Anywhere vs Activesync and Enterprise Security Exchange Server Administration 8
Commodore Skype and contacts security/privacy Using Outlook 1
E email security (backups) Using Outlook 2
A "Microsoft Exchange Add-In" (UmOutlookAddin.dll) + Outlook Security Form ... Using Outlook 4
T Outlook 2013, McAfee Security Suite and SMTP/POP3 Using Outlook 3
D Windows Security Using Outlook 1
D Outlook Security Question Using Outlook 3
C Security Question - How to prevent users exporting .iaf files Using Outlook 5
G Security-enabled Distro Group Members Can't Access Associated Group Mailbox Using Outlook 1
B 2003 >> 2010 outlook today security changes (Iframes? Href?) Using Outlook 1
H Microsoft outlook security notice Using Outlook 2
A Calendar Security Using Outlook 1
S Help: Your digital id name cannot be found by the underlying security system. Using Outlook 3
B After Latest Security Updates Outlook Will Not Connect to IMAP Server Using Outlook 5
K Exchange 2010 Health explorer on configuration, performace & security state is blank Exchange Server Administration 2
O Outlook 2010 is Missing the security tab - Using Outlook 1
H Is NOT using TNEF a security risk? Exchange Server Administration 10
A mcafee anti virus with Forefront security protection Exchange Server Administration 4
P Does Microsoft Exchange Server EWS support WS-Security standard Exchange Server Administration 3
T Security Essential and Need to Update My Password Using Outlook 1
A SendAs permission not found in Security tab Exchange Server Administration 6
G How to determine the "Distinguished Name string" of a security group for New-ManagementScope command Exchange Server Administration 2
J Security Update for Microsoft Office Word 2007 (KB2344993) causing IMCEAMAILTO delivery failures. Using Outlook 1
B security Improvements in last 10 years Exchange Server Administration 1
H Outlook 2003 - can't send emails. Get this message from Norton Internet Security "was unable to be Using Outlook 2
C Security problems downloading xps files Using Outlook 2
Similar threads


















































Top