We have 2 users that are unable to access OWA from any external device be it smart-phone, laptop etc, they can access it internally just fine.  No other user is having the issue.

They receive the 'certificate chain was issued by an authority that is not trusted (-2146893019)' error.

As it's just 2 users out of hundreds having the issue is there anything I can do without having to go near ISA or certs on the server?

If it happens to only 2 users out of hundreds, the best guess is their devices are not updated with the latest root CA list. A simple way to verify is to ask them to borrow another user's PC to logon.

• Proposed as answer by Josh Lavely 18 hours 19 minutes ago

If it happens to only 2 users out of hundreds, the best guess is their devices are not updated with the latest root CA list. A simple way to verify is to ask them to borrow another user's PC to logon.

• Proposed as answer by Josh Lavely Tuesday, May 26, 2015 1:10 PM

Hi,

Are you using a 3rd party SSL cert or self-signed certificate on your exchange server?

Please update your devices to the latest version as what Li Zhen says. If the issue persists, please change a new browser or new computer to have a try.

According to the error code, I suggest you should import the root CA cert in the Computer Trusted Root store( not in the users store) .

Best Regards,

David