I have external Outlook Anywhere users set to use mail.domain.com which has an Exchange cert of domain.com with a SAN of mail.domain.com. The problem is that the users are getting a certificate error for a different cert which is associated with domain.com for the web server. I am not sure why Outlook Anywhere is looking at this web server cert when I am pointing Outlook to mail.domain.com which has a valid SAN for that domain. testexchangeconnectivity.com Outlook Anywhere test goes through with no errors. Autoconfiguration test from Outlook system tray icon succeeds via autodiscover.domain.com

Why do you have a web cert that's different from the Exchange cert installed on the machine? ActiveSync goes through the Default Web Site, unless you've installed it on a different web site, but in either case Exchange doesn't really support installing different certificates on different web sites.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

The web server is externally hosted with its own cert - different location and certificate to the Exchange environment.

Why do you have a web cert that's different from the Exchange cert installed on the machine? ActiveSync goes through the Default Web Site, unless you've installed it on a different web site, but in either case Exchange doesn't really support installing different certificates on different web sites.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

I'm with you. I've never seen anyone deploy Autodiscover using company.com/Autodiscover/...Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

The web server is externally hosted with its own cert - different location and certificate to the Exchange environment.

Hi, I don't know why the first tried methods for contacting Autodiscover is hardcoded in Outlook to use the smtpdomain/Autodiscover when it's the least used method, but that is the case. You can configure Outlook to not use it with this registry key. [HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover] "ExcludeHttpsRootDomain"=dword:1 Martina Miskovic

I'm with you. I've never seen anyone deploy Autodiscover using company.com/Autodiscover/...Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."