Exchange 2010 certificate problem with Outlook Anywhere. Using web certificate instead of Exchange cert
I have external Outlook Anywhere users set to use mail.domain.com which has an Exchange cert of domain.com with a SAN of mail.domain.com. The problem is that the users are getting a certificate error for a different cert which is associated with domain.com
for the web server.
I am not sure why Outlook Anywhere is looking at this web server cert when I am pointing Outlook to mail.domain.com which has a valid SAN for that domain.
testexchangeconnectivity.com Outlook Anywhere test goes through with no errors.
Autoconfiguration test from Outlook system tray icon succeeds via autodiscover.domain.com
July 6th, 2012 1:08am
Why do you have a web cert that's different from the Exchange cert installed on the machine? ActiveSync goes through the Default Web Site, unless you've installed it on a different web site, but in either case Exchange doesn't really support installing
different certificates on different web sites.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Free Windows Admin Tool Kit Click here and download it now
July 6th, 2012 2:02am
The web server is externally hosted with its own cert - different location and certificate to the Exchange environment.
July 6th, 2012 2:07am
Why do you have a web cert that's different from the Exchange cert installed on the machine? ActiveSync goes through the Default Web Site, unless you've installed it on a different web site, but in either case Exchange doesn't really support installing
different certificates on different web sites.Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Free Windows Admin Tool Kit Click here and download it now
July 6th, 2012 2:14am
I'm with you. I've never seen anyone deploy Autodiscover using company.com/Autodiscover/...Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
July 6th, 2012 2:18am
The web server is externally hosted with its own cert - different location and certificate to the Exchange environment.
Free Windows Admin Tool Kit Click here and download it now
July 6th, 2012 2:19am
Hi,
I don't know why the first tried methods for contacting Autodiscover is hardcoded in Outlook to use the smtpdomain/Autodiscover when it's the least used method, but that is the case.
You can configure Outlook to not use it with this registry key.
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\AutoDiscover]
"ExcludeHttpsRootDomain"=dword:1
Martina Miskovic
July 6th, 2012 2:21am
I'm with you. I've never seen anyone deploy Autodiscover using company.com/Autodiscover/...Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Free Windows Admin Tool Kit Click here and download it now
July 6th, 2012 2:29am