Hello, We have Parent-Child domain architecture. We have one Exchange 2010 SP2 (PARENTEX) server in Parent domain and one Exchange 2010 SP2 server in child domain (CHILDEX). Both these servers are in single Exchange organization. PARENTEX email server is accessed via TMG server for OWA, RPC and Activesync. CHILDEX server OWA is directly exposed outside (no TMG or ISA server). For both the servers the OWA url is different (https://PARENTEX.OWA.com and https://CHILDEX.OWA.com). We have single Wildcard certificate from Godaddy. For PARENTEX we have Internal root CA certificate and wildcard certificate is applied on TMG. OWA and RPCoverHTTP work without any issues for PARENTEX user when inside the office or outside the office. For CHILDEX we have applied wildcard certificate on the server. The OWA (https://CHILDEX.OWA.com) has no issues of certificate. But when CHILDEX users access Outlook via RPCoverHTTP, they keep getting the Certificate Security Alert. I have added msstd:*.domain.com in CHILDEX, but still no luck. Kindly help me in getting rid of this certificate security alert. Thanks

What is the error in the certificate security alert? Is it that it's not trusted, or that the name is wrong? When you hold ctrl and right-click the outlook system tray icon, what urls are being shown in the "test email autoconfiguration" feature? Mike Crowley | MVP My Blog -- Planet Technologies

The Certificate security alert say "Name of security certificate is invalid" The test auto configuration details are: Internal URL: https://childserver.childdomain.owa.com External URL: https://childex.owa.com Autodiscover URL: https://parentserver.owa.com/autodiscover/autodiscover.xml The certificate is wildcard as *.owa.com

Hello, Could you please provide a snapshot of the certificate warning in Outlook. I want to see the serer name it connects to. Thanks, Simon

You may wish to ask your CA vendor to what depth the wildcards are expected to work. I would expect that it only covers the first-level subdomain. Mike Crowley | MVP My Blog -- Planet Technologies

You may wish to ask your CA vendor to what depth the wildcards are expected to work. I would expect that it only covers the first-level subdomain. Mike Crowley | MVP My Blog -- Planet Technologies

I checked with vendor, the certificate is one-level only. So for second-level we need to buy additional certificate. Thanks for help.