Hello, In  my company we migrate exchange server 2010 to 2013, The migration was successfully completed without errors. all the databases also moved to new Exchange Server. We have a Wildcard Certificate. Wildcard Certificate name showing  (*.domain.com )we just export it from the exchange server 2010 then import to exchange server 2013. now we couldn't add POP accounts to the Exchange Server all POP users popup Passwords but not authenticating. and also when using exchange account over the outlook there a Security Alert Always shows with an error but after click OK and Yes  it's connecting to the server but It's Annoying to users can anyone please help me to fix this issue?

Here's the Error and Security Alert

Please help me to solve.

Re

Sounds like you need to configure you're internal URLs to match what is on your certificate.

https://technet.microsoft.com/en-us/library/jj218640(v=exchg.150).aspx

The URLs will all need to have the .domain.com fqdn on them since that is what your cert is configured for.  if it was me, I would make them the same as the old Exchange 2010 environment.  

Hello Hinte, Thanks for replying me.  the settings are same as the old exchange server. you have any idea? only the this is certificate name showing as *.domain.com and old exchange server had also the same. please help me

regards, 

Please can you tell me is this a self signed cert or a 3rd party brought one?

Is the trusted root certificate installed on the clients?

Are you connecting through a TMG? or a VPN?

Lastly is this a internal client or an external one using outlook anywhere. 

If the client is internal could you please try the following:

1. On a problematic Client, open Outlook.

2. Click Tools --> Account settings.

3. Double click the profile name and click More Settings.

4. On the Connection tab, uncheck on Connect to Microsoft Exchange using HTTP.

5. Save the changes and restart the Outlook to check this issue.

• Edited by RandomTechGuy 18 hours 40 minutes ago

Can you run these commands?

Get-ClientAccessServer |  fl name, auto*
Get-OutlookAnywhere | fl servername, *host*
Get-OABVirtualDirectory | fl server, *url*

Hello RandomTechGuy, Thanks for replying me. The certificate is a wildcard certificate we purchase from GoDaddy. I checked what you told to do the issue is yet appears. Any Ideas? 

Regards,

Please can you tell me is this a self signed cert or a 3rd party brought one?

Is the trusted root certificate installed on the clients?

Are you connecting through a TMG? or a VPN?

Lastly is this a internal client or an external one using outlook anywhere. 

If the client is internal could you please try the following:

1. On a problematic Client, open Outlook.

2. Click Tools --> Account settings.

3. Double click the profile name and click More Settings.

4. On the Connection tab, uncheck on Connect to Microsoft Exchange using HTTP.

5. Save the changes and restart the Outlook to check this issue.

• Edited by RandomTechGuy Monday, February 23, 2015 5:12 PM

1. Can you please run the commands as stated by Hinte.

2. can you post the output of the following Get-ExchangeCertificate -Server "your server name"

• Edited by RandomTechGuy 19 hours 45 minutes ago

Hello, My Wild Card Certificate is *.mydomain.com not local. I can't fix the certificate issue in the local users. outside users don't receive the certificate issue only internal users receive the " myexchangeser.mydomain.local " Certificate issue. anyone have ideas?

Regards,

 

This is because the certificate does not match the address your users are going to. 

Internally can your users resolve the .com address? If so in outlook change the settings to point to the .com address this would resolve your issue. 

Hi ,

Please check the below mentioned link and it describes various kind of issues which is related to certificate error.

https://social.technet.microsoft.com/Forums/en-US/fa78799b-5c55-4c71-973b-0e186612ff6f/checklist-for-exchange-certificate-issues?forum=exchangesvrgeneral

Actually when i run command Get-outlookanywhere | fl *host*  it shows the external url as mail.mydomain.com and internal url as myexchangeserver.mydomain.local I think theres the issue. I need to know how to apply my inernal url as mail.mydomain.com in exchange server 2013. 

Regards, 

Have you tried pointing a outlook client to the .com URL?

You can configure this with EMC Shell or the ECP.

In ECP navigate to >> Servers, click the server and click the pencil. there is an outlook anywhere tab.

In the EMC shell use the following command 

Get-OutlookAnywhere | Set-OutlookAnywhere -InternalHostname "URL" -ExternalClientsRequireSsl "True or false" -DefaultAuthenticationMethod "method name" 

Hi,

When an SSL certificate has been installed on an Exchange 2013 server it is not automatically enabled for any of the Exchange services such as IIS (for OWA, Outlook Anywhere, ActiveSync etc), POP, IMAP or SMTP. The administrator must manually assign the certificate to the services that the SSL certificate is intended to be used for.

Please check below link.

http://exchangeserverpro.com/exchange-2013-assign-ssl-certificate-to-services/

Good luck

ITtechin