Internal & External Server Certificate Error

Status
Not open for further replies.
A

AasimPathan



Hi,

I've recently removed SBS2008 from the Network & created a New Server with Windows 2008 R2 & configured Exchange 2010 with basic setup. My domain name is mydomain.local but my external domain is mydomain.com.
I have a Godaddy Certificate which i've installed for all services of Exchange. OWA & Autodiscover & RPC Over HTTP works fine without any errors.

But internally i am getting Certificate error when using Outlook 2007 for certificate Mismatch "the name of the Certificate is invalid / doesnot match the name of the site"

Any possible solution to solve this problem.... Thanks in Advance.

Aasim

MCITP: Server 2008 Administration

MCITP:Server Administration|MCTS: Server 2008| MCSE: Server 2003| MCSA + M: Exchange Server 2003| MCP: Windows XP|
 
B

busbar



Hi,

this is because the internal SCP autodiscover points to the internal FQDN of the server, you can solve this by including the server FQDN in the certificate, or set the internal SCP to the name included in the cert using this cmdlet:

Set-ClientAccessServer &ndash;Identity <CAS Server Name> -AutoDiscoverServiceInternalUri: <Internal URL>

Regards, Mahmoud Magdy Watch Arabic Level 300 Videos about Exchange 2010 here: http://vimeo.com/user3271816 Read pretty advanced Exchange stuff I post here: http://www.enowconsulting.com/ese/blog.asp, follow my blog: http://autodiscover.wordpress.com , corp blog: http://ingazat.wordpress.com and if you Liked my post please mark it as helpful and accept it as an answer
 
A

AasimPathan



Can you tell me how'd that resolve?

my external CAS server is accessed by address remote.mydomain.com

my internal CAS server is accessed by server.mydomain.local

when i ping remote.mydomain.com from (Server) it resolves to my external Ip
Set-ClientAccessServer &ndash;Identity server.mydomain.local -AutoDiscoverServiceInternalUri: server.mydomain.local ?
OR
Set-ClientAccessServer &ndash;Identity server.mydomain.local -AutoDiscoverServiceInternalUri: remote.mydomain.com

MCITP:Server Administration|MCTS: Server 2008| MCSE: Server 2003| MCSA + M: Exchange Server 2003| MCP: Windows XP|
 
B

busbar

if you want to use different names then you will need to include those names in the certificate using UCC certificate, my solution is done when using single name to access emails internally and externally.Regards, Mahmoud Magdy Watch Arabic Level 300 Videos about Exchange 2010 here: http://vimeo.com/user3271816 Read pretty advanced Exchange stuff I post here: http://www.enowconsulting.com/ese/blog.asp, follow my blog: http://autodiscover.wordpress.com , corp blog: http://ingazat.wordpress.com and if you Liked my post please mark it as helpful and accept it as an answer
 
A

AasimPathan



Sorry for delay in response, I got stuck with other things.

I've read that page you've suggested above but my problem is not multiple domain names but its the ".com" & ".local" that's required

Is there any other method that I can use or do i have to create the entire domain again? I don't want to use Domain Renaming Tools as that's risky

MCITP:Server Administration|MCTS: Server 2008| MCSE: Server 2003| MCSA + M: Exchange Server 2003| MCP: Windows XP|
 
R

ronnypot



Hi,

if you use more domain names you need to use a UCC / SAN certificate with all used domain names on it.

Otherwise you will have to change all internal and external urls to remote.mydomain.com and use internal dns to create a record to point the local ip address.

Regards Ronny
 
B

Brian Desmond -MVP-



IF i Buy GODADDY's Multiple certificates will this work without any error?

Not easily. Just add the additional names (server.mydomain.local) to the cert and you'll be fine.Active Directory, 4th Edition - www.briandesmond.com/ad4/
 
P

Paul Garlick, MCITP MCTS BCSS BCSA



If you want to refer to your exchange box internally as mydomain.local , you need to goto your godaddy account, add mydomain.local to the certificate and do whats called a rekey. Then download that certificate and reimport it to your IIS and exchange. You have to use a UCC or SAN certificate.

Here is the godaddy info:

http://help.godaddy.com/article/867

This is not a complicated process, its essentially what you did originally. Only this time you are just adding your mydomain.local to the certificate.

Renaming the domain is not required!
 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
C Filter/Search emails sent to internal Exchange address only Using Outlook 2
T HTML email for internal mesages and Text only for External? Using Outlook 1
J Outlook 2010 junks all message from internal senders Using Outlook 2
M Separate Internal and external emails in outlook Using Outlook 1
P Amend external calendar entries to include internal resources Using Outlook 1
T search folders to segregate internal e-mails ( from company domain ) vs exter Using Outlook 1
B Exchange 2010 Configuration Question Internal Domain for External Clients Exchange Server Administration 6
V Internal Email Restriction Exchange Server Administration 2
M join internet domain without edge server to the internal DC domain Exchange Server Administration 4
N Exchange 2010 External and Internal DsnMaxMessageAttachSize Exchange Server Administration 2
H Allow out of office auto replies for internal and external in outlook 2003 Exchange Server Administration 3
S OWA 2010 Windows Integrated Auth for Internal - FBA or NTLM for External Published Exchange Server Administration 4
F OWA internal and external address is trying to resolve on an external DNS server on the internet Using Outlook 2
P Internal email being blocked as spam Exchange Server Administration 9
B no internal email show in inbox Exchange Server Administration 4
S Do I need a certificate for internal use only? Exchange Server Administration 5
P Certificate Question; Internal Outlook Connection Using Outlook 2
X Internal mail flow between two hub transport servers same domain Exchange Server Administration 10
S Outlook 2011 for Mac - Exchange Server address changes from public front-end to internal hub server Using Outlook 5
C Syncing up outlook express with shared internal company server from a droid phone. Using Outlook 3
M Re: How to force routing between two internal smtp domains across Two Edge servers Exchange Server Administration 7
M How to force routing between two internal smtp domains across Two Edge servers Exchange Server Administration 3
T How to get Exchange 2003 OWA SSO authentication to work with Internal TMG Array web listener Exchange Server Administration 1
J Unable to get relay from internal scanner to work. Exchange Server Administration 5
W Configuring Exchange 2010 Server to deliver mail to other Internal E-mail Servers Exchange Server Administration 8
D internal postmaster mail address Exchange Server Administration 3
B NDR 5.1.1 internal mail account that doesn't exist Exchange Server Administration 3
S Hidden Attachments From Internal Sender Exchange Server Administration 1
T Internal/External exchange name Exchange Server Administration 1
M not able to recieve Internal and external email on a 2010 mailbox... attempting exch 2003 transition Exchange Server Administration 2
S internal dns name on certificate Exchange Server Administration 1
J Company internal mass mailer Exchange Server Administration 2
D Blackberry does not receive internal outlook mail Using Outlook 1
R Attachments getting stripped on forwarded emails to the internal and external users Exchange Server Administration 2
A Internal Translation System Error Using Outlook 1
V A proxy generator DLL on server atl-exch07.internal.earthlink.net could not be found or failed to initialize. Exchange Server Administration 1
X Routing ALL (including internal) mail through an SMTP Server Exchange Server Administration 2
K Using Catagory Colors with Shared (Internal) Calendars Using Outlook 2
R 500 internal server error - Role based Access Control (RBAC) User Editor Exchange Server Administration 2
N Exchange 2010 - Internal domain not certfied (not owned). Exchange Server Administration 6
G Set Out of Office for external but NOT Internal messages Using Outlook 2
C Exchange Outlook Internal not working anymore -- "User setting 'PreferredSite' is not available" Using Outlook 3
W receiving error: internal support function returned an error when I send email out Using Outlook 2
R We dont own our internal domain name Exchange Server Administration 6
S Can't recieve internal emails Exchange Server Administration 4
P Unable to send internal emails from servers and other devices. Exchange Server Administration 3
Y Limit email send and receive to internal only Exchange Server Administration 6
S Can't send to distribution list; error "An internal support function returned an error" Using Outlook 2
A Exchange 2010 with TMG 2010 - Public Wildcard Certificate not the same as my Internal Domain - is it possible? Exchange Server Administration 2
W CAS Array and Autodiscover for Internal and external access Exchange Server Administration 25
Similar threads


















































Top