20 December 2013

How To Fix Outlook Error "Certificate Security Alert" (Displaying the Exchange FQDN)

You have Outlook and Exchange 2010 and you get the error "Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate.

And a red X over "The name on the security certificate is invalid or does not match the name of the site."

This problem occurs when you use a signed certificate (issued by a public or private CA) that does not contain the FQDN of the Exchange.

Even if you configure the CAS service to manage your naming layout into the EMC (Server Configuration - Client Access), the error message appears every time you open Outlook.

In this example:

The server name in the local domain is server.domain.local

The server names included into the public certificate are mail.domain.ch and webmail.domain.ch 

Note: The use of local names (as .local or .lab or whatever)  is no more allowed by the public Certification Authorities.

First Step:

Please verify in the EMC the CAS uses only names avaliable in your exchange certificate.
Verify the DNS resolution of these name is correct on Internet and from your network.

Issue The following Command to address the Web Services Virtual Directory to the correct hostame, this command will fix your :

Set-WebServicesVirtualDirectory -Identity "EXSERVERNAME\EWS (Default Web Site)" –InternalUrl https://mail.domain.ch/EWS/Exchange.asmx

Set-ClientAccessServer -Identity EXSERVERNAME -AutodiscoverServiceInternalUri https://mail.doamin.ch/autodiscover/autodiscover.xml

Restart Outlook and enjoy.

No comments:

Post a Comment