Autodiscovery failing name test due to missing name

Hi,

I just installed an Exchange 2013 SP1 server and applied for a single domain digital certificate instead of a SAN one.

The problem is that in the certificate that was purchased I only have mail.domain.com.

I should have bought a SAN certificate with mail.domain.com and autodiscover.domain.com.

When I ran the exchange connectivity analyzer I get this error:

Host name domain.com doesn't match any name found on the server certificate CN=mail.domain.com, OU=Domain Control Validated.      

Is there any way around this playing with zone file records?

I do not want to buy a new certificate just because I missed a name.

Thanks and regards

Alfred

                         



  • Edited by Alfred-B 1 hour 51 minutes ago
September 3rd, 2015 1:16am

Hello Alfred-B,

Yes, at least, the SAN certificate should include mail.domain.com and autodiscover.domain.com.

autodiscover.domain.com is for Outlook Anywhere autodiscover service. It is hard coded in Outlook that it will try to access the autodiscover in the following orders:

1.Using a Service Connection Point (SCP) object in Active Directory

2.Using DNS

3.Using an HTTP redirect

4.Using an SRV record

As for a workaround for you, you can deploy to use the SRV record (Set SRV record to mail.domain.com)

https://support.microsoft.com/en-us/kb/940881

Thanks,

Free Windows Admin Tool Kit Click here and download it now
September 3rd, 2015 2:41am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics