OWA URL & Outlook 2007 / Exchange 2007 Certificate Issue
Hello all.
I've built up a new Windows 2003 R2 domain named company.local and installed Exchange 2007 choosing the typical installation routine. Forest and Domainmode are native Windows 2003. The installation of a Edge-Exchange 2007 server is not desired, so this ist the only Exchange 2007 Server.
The company will use Office Outlook 2007 as client and Outlook Webaccess (OWA) as a solution for accessing mail when travelling without a notebook. The URL for OWA must be: https://webmail.company.com.
An internal Enterprise Root CA has been installed.
After adjusting the the external OWA URL everything worked fine with OWA. But now Outlook 2007 shows a certificate error telling the name of the certificate does not match the name of the site = Exchange Server.
I've tried the new-virtualdirectory cmdlet on a new website with a 2nd. IP in order to get a seperate virtual directory for OWA to solve the issue. The cmdlet exectuted fine without errors but OWA did not work. DNS entries have been set to the 2nd. IP and pointing to webmail.
I believe many companies will face this problem so does someone have a solution to overcome this issue?
Thanks & greetings.
Joachim-- Joachim SchippersMCT/MCSESwitzerland
June 18th, 2007 4:34pm
I have the same issue. Let me know if you find a solution.
Hien
Free Windows Admin Tool Kit Click here and download it now
June 19th, 2007 11:37pm
Joachim,
I had the same problem on our exchange 2007 serveras well.
The following links fixed the issue for me.
http://www.windowsitpro.com/Articles/ArticleID/95865/95865.html?Ad=1
http://technet.microsoft.com/en-us/library/aa995942.aspx
Best Regards,
Cody Dabb
June 27th, 2007 1:17am
will this work for my Verisign Secure Site SSL cert? I have heard that Verisign only supports 1 name or 1 site per Cert... is that correct?~Andy.
Free Windows Admin Tool Kit Click here and download it now
July 2nd, 2007 9:13pm
I am not sure if Verisign will let you tie multiple names to 1 cert. You might want to give them a call to see.
-Cody
July 3rd, 2007 7:43pm
I am having the same exact problem. We got our certificate from Godaddy. Our certificate shows webmail.somecompany.com and our actual mail server name internally is mail1.somecompany.com. I don't think it is possible to get a certificate with both names. Any other way to fix this problem?
Free Windows Admin Tool Kit Click here and download it now
July 19th, 2007 1:45am
I fixed the problem using the instruction from this url:http://technet.microsoft.com/en-us/library/aa995942.aspx
If you don't use internal CA, check your CA provider to see if they support Subject AlternativeName so you can have multiple host names.
Hien
July 19th, 2007 4:58am
Another way to get around this issue is to make the certificate name eg, mail.company.com, resolve to the internal IP address of the exchange 2007 server.
Eg,
Externally: mail.company.com resolves to external IP address
Internally: mail.company.com resolves to the internal IP address of the exchange 2007 server.
Cheers
Free Windows Admin Tool Kit Click here and download it now
July 19th, 2007 7:11am
That is currently how I have it configured and still get the certificate error. The problem is the Exchange server is named somecompany.com and webmail is webmail.somecompany.com. The certificate is for webmail.somecompany.com. So I get the certificate error on all Outlook 2007 clinets on the internal network. Webamil works fine with no errors.
July 21st, 2007 7:23pm
Hi everyone,
I've been following this thread because I recently upgraded to Exchange 2007 (and clients to Outlook 2007) and encountered the same problem. I'm happy to say that after many hours of research, I finally found a solution thanks to
http://forums.msexchange.org/m_1800444783/mpage_1/key_/tm.htm#1800444783.
The article is a bit jumbled and has a lot of information that isn't relevant to this specific issue, but the important part starts about two-thirds of the way down the article in the paragraph that begins "Next we need to change the URLs used autodiscover so that all services point to mail.domain.com."
I followed all the steps through the end of the article and, for what it's worth, I did not have to reboot my server. Our SSL certificate is issued by StartCom, although the article's author used GoDaddy which is what I think you said you were using.
Cheers,
Melanie Downie Zupan
Systems Administrator
French American International School
Portland, Oregon, USA
Free Windows Admin Tool Kit Click here and download it now
August 9th, 2007 7:56pm
I have blogged about how to fix this exact issue using a single name certificate.http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/Hope this helps.
August 13th, 2007 4:18am
This is ths solutions to the problem!!!!!!
that everyone is havingby making everything look at the externally https://Mail.company.com it solves the issue with the cert.therefore whenMSOutlook 2007 connects to exchange with autodiscory it will be usoing the samecertas OWA.
thank you this actually worked.
http://forums.msexchange.org/m_1800444783/mpage_1/key_/tm.htm#1800444783.
The article is a bit jumbled and has a lot of information that isn't relevant to this specific issue, but the important part starts about two-thirds of the way down the article in the paragraph that begins "Next we need to change the URLs used autodiscover so that all services point to mail.domain.com."
Free Windows Admin Tool Kit Click here and download it now
July 29th, 2008 6:05pm
Hi,
I read your error. You can solve your problems for Microsoft
Exchange Server tool.This software are solve your error.
August 9th, 2010 2:06pm