Outlook security alert - the name is invalid..., where to find it?
Hi,

I'm receiving a Security Alert every time I start Outlook 2007 (office.mail.com!!! (external owa) - it's strange, maybe it should be the internal Exchange server):

The name on the security certificate is invalid or...

View Certificate shows me:
Issued to: IOS-Self-Signed-Certificate-193382
Issued by: IOS-Self-Signed-Certificate-193382
Valid from 12/05/2009 to 01/01/2020

OK. I know that the problem is an incorrect certificate, because the name of my Exchange Server is Exchange, and the OWA's name is office.mail.com. But where can I find this certificate to delete or replace it?

PDC (Server 2008) -> mmc -> certificates: Can't find IOS-Self-...
Exchange 2010 -> mmc -> certificates: Can't find IOS-Self-...
Exchange Power Shell - Get-ExchangeCertificate | fl: Can't find IOS-Self-...
Exchange Management Console -> Server Configuration -> Exchange certificates: Can't find IOS-Self-...
Exchange IIS Site Bindings (7.0): Can't find IOS-Self-...

In DNS I've replaced the old autodiscover Host A record with an SRV record _autodiscover pointing to the internal Exchange server.

Thanks
July 5th, 2010 1:59am

You need to replace the self-signed cert with one from your internal CA or preferably from a public CA. Here are some links to guide you through the process (this assumes Exchange 2010)...
http://www.digicert.com/csr-creation-microsoft-exchange-2010.htm
http://www.digicert.com/ssl-certificate-installation-microsoft-exchange-2010.htm
For Exchange 2007...
http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx
Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com
July 5th, 2010 2:09am

Thanks for the reply. I have created some Exchange and Domain certificates before, it's not too difficult. What is really interesting for me is where this IOS-Self- comes from and where I can find it. Thanks again for any suggestions.
July 5th, 2010 6:09am

The self-signed cert gets created by Exchange during the installation and is only used by Exchange. Just created to get you going. Always should replace it with internal or public before going into production.
Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com
July 5th, 2010 6:58am

OK. So I should just create another self-signed certificate for my Exchange or buy an SSL certificate, then put it on Exchange and implement it via GPO. Many thanks
July 5th, 2010 7:18am

Hi Tim,

It was my mistake to close the ticket so quickly. The wrong certificate still exists, even after recreating and reassigning a new one.

REMARK: I've tried to implement multiple SSL certificates for local mail Exchange+Outlook and external OWA Outlook+Browser. Everything was taken from Configure Outlook Anywhere to Use Multiple SSL Certificates.

So, the internal Outlook connection to Exchange is OK. Internal OWA shows a certificate error, but works (perhaps GPO certificate distribution delay). But Test-OutlookWebServices -ClientAccessServer exchangesrv2 still shows the annoying certificate:

[PS] C:\Users\administrator.mydomain\Desktop>Test-OutlookWebServices -ClientAccessServer exchangesrv2
Creating a new session for implicit remoting of "Test-OutlookWebServices" command...
[PS] C:\Users\administrator.mydomain\Desktop>Test-OutlookWebServices -ClientAccessServer exchangesrv2

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1019
Type       : Information
Message    : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://office.externalserver.com/autodiscover/autodiscover.xml.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1004
Type       : Error
Message    : The certificate for the URL https://office.externalserver.com/autodiscover/autodiscover.xml is incorrect. For SSL to work, the certificate needs to have a subject of office.externalserver.com, instead the subject found is IOS-Self-Signed-Certificate-1933852417 . Consider correcting service discovery, or installing a correct SSL certificate.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://office.externalserver.com/autodiscover/autodiscover.xml received the error The remote server returned an error: (404) Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1023
Type       : Error
Message    : The Autodiscover service couldn't be contacted.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://EXCHANGESRV2.domain.local:443/autodiscover/autodiscover.xml received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://EXCHANGESRV2.domain.local:443/autodiscover/autodiscover.xml received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://EXCHANGESRV2.domain.local:443/autodiscover/autodiscover.xml received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1123
Type       : Error
Message    : The Autodiscover service couldn't be contacted.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1025
Type       : Error
Message    : [EXCH] Error contacting the AS service at https://exchangesrv2.domain.local/EWS/Exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1027
Type       : Error
Message    : [EXCH] Error contacting the UM service at https://exchangesrv2.domain.local/EWS/Exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://office.externalserver.com/ews/exchange.asmx received the error The request failed with HTTP status 404: Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1025
Type       : Error
Message    : [EXPR] Error contacting the AS service at https://office.externalserver.com/ews/exchange.asmx. Elapsed time was 562 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://office.externalserver.com/ews/exchange.asmx received the error The remote server returned an error: (404) Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1027
Type       : Error
Message    : [EXPR] Error contacting the UM service at https://office.externalserver.com/ews/exchange.asmx. Elapsed time was 562 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1125
Type       : Error
Message    : [Server] Error contacting the AS service at https://exchangesrv2.domain.local/ews/exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1127
Type       : Error
Message    : [Server] Error contacting the UM service at https://exchangesrv2.domain.local/ews/exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1013
Type       : Error
Message    : When contacting https://office.externalserver.com/rpc received the error The remote server returned an error: (404) Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1029
Type       : Error
Message    : [EXPR] Error contacting the RPC/HTTP service at https://office.externalserver.com/rpc. Elapsed time was 578 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/rpc received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/rpc received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1113
Type       : Error
Message    : When contacting https://exchangesrv2.domain.local/rpc received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id         : 1129
Type       : Error
Message    : [EXPR] Error contacting the RPC/HTTP service at https://exchangesrv2.domain.local/rpc. Elapsed time was 0 milliseconds.

Thanks
July 7th, 2010 4:08am

Use Disable-ExchangeCertificate and Enable-ExchangeCertificate to replace the self-signed certificate with the valid one.
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
July 7th, 2010 6:44am

Hi Ed,

Thanks for the reply. Not sure about Disable-ExchangeCertificate:

The term 'Disable-ExchangeCertificate' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:28
+ Disable-ExchangeCertificate <<<<
    + CategoryInfo          : ObjectNotFound: (Disable-ExchangeCertificate:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Get-ExchangeCertificate

Thumbprint                                Services   Subject
----------                                --------   -------
B74247D60812930AE630F1A77BE3CAC669F*****  IP.WS.     CN=exchange
6A3C16AC3497C2077595D81BF52786121FC*****  ...WS.     CN=*.externaldomain.com, OU=Domain Control Validated - RapidSSL

The properties of the bad certificate show Thumbprint de bc a8 bc 44 79 ca 95 d9 3b 3b f4 6e 75 0a c7 2e ** ** **

[PS] C:\Windows\system32>Get-ExchangeCertificate -Thumbprint DEBCA8BC4479CA95D93B3BF46E750AC72E******
The certificate with thumbprint DEBCA8BC4479CA95D93B3BF46E750AC72E****** was not found.
    + CategoryInfo          : NotSpecified: (:) [Get-ExchangeCertificate], InvalidOperationException
    + FullyQualifiedErrorId : 782F9DD3,Microsoft.Exchange.Management.SystemConfigurationTasks.GetExchangeCertificate

[PS] C:\Windows\system32>Disable-ExchangeCertificate -Thumbprint DEBCA8BC4479CA95D93B3BF46E750AC72E******
The term 'Disable-ExchangeCertificate' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:28
+ Disable-ExchangeCertificate <<<< -Thumbprint DEBCA8BC4479CA95D93B3BF46E750AC72E******
    + CategoryInfo          : ObjectNotFound: (Disable-ExchangeCertificate:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

And

[PS] C:\Windows\system32>Remove-ExchangeCertificate -Thumbprint DEBCA8BC4479CA95D93B3BF46E750AC72E******

Confirm
Are you sure you want to perform this action?
Remove certificate with thumbprint DEBCA8BC4479CA95D93B3BF46E750AC72E****** from the computer's certificate store?
[Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is "Y"): Y
The certificate with thumbprint DEBCA8BC4479CA95D93B3BF46E750AC72E****** was not found.
    + CategoryInfo          : ObjectNotFound: (:) [Remove-ExchangeCertificate], InvalidOperationException
    + FullyQualifiedErrorId : 782F9DD3,Microsoft.Exchange.Management.SystemConfigurationTasks.RemoveExchangeCertificate

Any suggestions?
July 8th, 2010 12:27am

Sorry, it's Remove-ExchangeCertificate. Where do you get the "bad certificate" from? If it doesn't show up in Get-ExchangeCertificate, then Exchange shouldn't know about it.
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
July 8th, 2010 8:04am
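
An added example, not part of the thread: one way to answer the question of where a presented certificate comes from is to connect to each name on port 443, record which address answered and which certificate it offered, and check whether that certificate exists in the local computer's Personal store. The function name Get-PresentedCertificate is hypothetical; the host names are the ones shown in the Test-OutlookWebServices output earlier in the thread.

```powershell
# Added example. Get-PresentedCertificate is a hypothetical helper name.
function Get-PresentedCertificate {
    param(
        [Parameter(Mandatory = $true)][string]$HostName,
        [int]$Port = 443,
        [int]$TimeoutMs = 5000
    )

    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Connect with a timeout so an unreachable name does not hang the check.
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) {
            throw "Timed out connecting to ${HostName}:${Port}"
        }
        $client.EndConnect($pending)
        $answeredBy = $client.Client.RemoteEndPoint.Address.ToString()

        # Accept whatever certificate is offered: the goal is to inspect it,
        # not to trust it. No application data is sent over this stream.
        $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAny)
        try {
            $ssl.AuthenticateAsClient($HostName)
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
                -ArgumentList $ssl.RemoteCertificate
        }
        finally { $ssl.Dispose() }
    }
    finally { $client.Close() }

    # Subject Alternative Name extension (OID 2.5.29.17), if present.
    $sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    $san = if ($sanExt) { $sanExt.Format($false) } else { '(none)' }

    # Is the same certificate installed in this machine's Personal store?
    $local = @(Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.Thumbprint -eq $cert.Thumbprint })

    New-Object PSObject -Property @{
        HostName       = $HostName
        AnsweredBy     = $answeredBy
        Subject        = $cert.Subject
        Issuer         = $cert.Issuer
        SubjectAltName = $san
        NotAfter       = $cert.NotAfter
        Thumbprint     = $cert.Thumbprint
        InLocalStore   = ($local.Count -gt 0)
    } | Select-Object HostName, AnsweredBy, Subject, Issuer, SubjectAltName,
                      NotAfter, Thumbprint, InLocalStore
}

# Host names as they appear in the Test-OutlookWebServices output in this thread.
foreach ($name in 'office.externalserver.com', 'exchangesrv2.domain.local') {
    try {
        Get-PresentedCertificate -HostName $name | Format-List
    }
    catch {
        # Connection resets and handshake failures are reported per name.
        Write-Warning "${name}: $($_.Exception.Message)"
    }
}
```

Run on the Exchange server, a result with InLocalStore False and an AnsweredBy address that is not one of the server's own means the name is being served by a different host than the one whose certificate stores were searched.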

Hi Ed,

That's right, Exchange shouldn't use the wrong certificate, because it isn't in the list of certificates :(

Another few facts: the wrong certificate appears every time Outlook starts and I'm unable to View Certificate (button unclickable), also the header of the cert. - office.externaldomain.com???

But internal OWA uses the correct certificate issued by Exchangesrv2 (one from the Exchange list). External OWA uses the correct certificate too (*.externaldomain.com), but with 500 - Internal server error. External HTTP\HTTPS Outlook connection is not possible, because of error 500.
July 9th, 2010 1:17am

How is IIS configured?
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
July 10th, 2010 8:16am

IIS has 2 sites:

-Autodiscover.externaldomain Anonymous+Windows Auth., SSL - no req.+ignore
-Default Web Site
  * aspnet_client
  * ecp
  * EWS
  * Exchange
  * Exchweb
  * Microsoft-Server-ActiveSync
  * OAB
  * owa Basic+Windows Auth., SSL req+ignore
  * PowerShell
  * Public
  * Rdc
  * RpcWithCert

I have installed Rollup 4, so now external OWA shows error 404:

404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

After some reboots external OWA replies:

Outlook Web App didn't initialize. If the problem continues, please contact your helpdesk.

Internal OWA works OK.

The Microsoft Exchange Attendant service is unable to start:

Unexpected error No authority could be contacted for authentication. ID no: 80090311 Microsoft Exchange System Attendant occurred.

My present state: error 404 in IE and in Firefox at the same time:

Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /owa/auth/logon.aspx

In addition: it's strange (at least for me), but I was able to connect to internal OWA even with Outlook Anywhere disabled.
July 10th, 2010 2:50pm

What certificate is bound to the Default Web Site?
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
July 10th, 2010 7:08pm

The Default Web Site is bound to the certificate which was created on the Exchange server in PowerShell for the local Exchange server:

New-ExchangeCertificate -FriendlyName "Exchangesrv Self" -SubjectName "cn=exchangesrv2" -DomainName exchangesrv2,exchangesrv2.mydomain.local,autodiscover.mydomain.local,autodiscover.exchangesrv2.mydomain.local -PrivateKeyExportable:$True | Enable-ExchangeCertificate -Services POP,IMAP,IIS,SMTP

Default Web Site - Bindings:
http 80 *
https 443 Internal IP internal exchange cert
net.tcp 808: *
net.pipe *
net.m... localhost
msmq... localhost
July 11th, 2010 8:58am

Please explain how you implemented what you describe in "REMARK".
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

"vyan024" wrote in message news:976097ea-c17f-4322-8127-59c9c1760a50...

Hi Tim, It was my mistake to close the ticket so quickly. The wrong certificate still exists, even after recreating and reassigning a new one.

REMARK: I've tried to implement multiple SSL certificates for local mail Exchange+Outlook and external OWA Outlook+Browser. Everything was taken from Configure Outlook Anywhere to Use Multiple SSL Certificates

So, internal Outlook connection to Exchange OK. OWA internal shows certificate error, but works (perhaps GPO certificate distribution delay). But Test-OutlookWebServices -ClientAccessServer exchangesrv2 still shows annoying certificate:

[PS] C:\Users\administrator.domain\Desktop>Test-OutlookWebServices -ClientAccessServer exchangesrv2
Creating a new session for implicit remoting of "Test-OutlookWebServices" command...
[PS] C:\Users\administrator.JERICHO\Desktop>Test-OutlookWebServices -ClientAccessServer exchangesrv2

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1019
Type : Information
Message : A valid Autodiscover service connection point was found. The Autodiscover URL on this object is https://office.externalserver.com/autodiscover/autodiscover.xml.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1004
Type : Error
Message : The certificate for the URL https://office.externalserver.com/autodiscover/autodiscover.xml is incorrect. For SSL to work, the certificate needs to have a subject of office.externalserver.com, instead the subject found is IOS-Self-Signed-Certificate-1933852417. Consider correcting service discovery, or installing a correct SSL certificate.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://office.externalserver.com/autodiscover/autodiscover.xml received the error The remote server returned an error: (404) Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1023
Type : Error
Message : The Autodiscover service couldn't be contacted.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://EXCHANGESRV2.domain.local:443/autodiscover/autodiscover.xml received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://EXCHANGESRV2.domain.local:443/autodiscover/autodiscover.xml received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://EXCHANGESRV2.domain.local:443/autodiscover/autodiscover.xml received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1123
Type : Error
Message : The Autodiscover service couldn't be contacted.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1025
Type : Error
Message : [EXCH] Error contacting the AS service at https://exchangesrv2.domain.local/EWS/Exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://exchangesrv2.domain.local/EWS/Exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1027
Type : Error
Message : [EXCH] Error contacting the UM service at https://exchangesrv2.domain.local/EWS/Exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://office.externalserver.com/ews/exchange.asmx received the error The request failed with HTTP status 404: Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1025
Type : Error
Message : [EXPR] Error contacting the AS service at https://office.externalserver.com/ews/exchange.asmx. Elapsed time was 562 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://office.externalserver.com/ews/exchange.asmx received the error The remote server returned an error: (404) Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1027
Type : Error
Message : [EXPR] Error contacting the UM service at https://office.externalserver.com/ews/exchange.asmx. Elapsed time was 562 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1125
Type : Error
Message : [Server] Error contacting the AS service at https://exchangesrv2.domain.local/ews/exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/ews/exchange.asmx received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1127
Type : Error
Message : [Server] Error contacting the UM service at https://exchangesrv2.domain.local/ews/exchange.asmx. Elapsed time was 0 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1013
Type : Error
Message : When contacting https://office.externalserver.com/rpc received the error The remote server returned an error: (404) Not Found.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1029
Type : Error
Message : [EXPR] Error contacting the RPC/HTTP service at https://office.externalserver.com/rpc. Elapsed time was 578 milliseconds.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/rpc received the error The underlying connection was closed: An unexpected error occurred on a send.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/rpc received the error Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1113
Type : Error
Message : When contacting https://exchangesrv2.domain.local/rpc received the error An existing connection was forcibly closed by the remote host

RunspaceId : 53cb4367-3f00-4a0f-b310-ee40bcf3c57e
Id : 1129
Type : Error
Message : [EXPR] Error contacting the RPC/HTTP service at https://exchangesrv2.domain.local/rpc. Elapsed time was 0 milliseconds.

Thanks
July 11th, 2010 8:08pm

Sorry, my fault. The correct link is http://technet.microsoft.com/en-us/library/bb310762.aspx and I have implemented Configure Outlook Anywhere to Use Multiple SSL Certificates
July 12th, 2010 1:01am

Sorry, I've never implemented that method. Every Exchange installation I've done uses the same web site for everything with a UCC certificate.
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

"vyan024" wrote in message news:9bf02a1a-a9d0-4286-a21b-aada17d5102d...

Sorry, my fault. The correct link is http://technet.microsoft.com/en-us/library/bb310762.aspx and I have implemented Configure Outlook Anywhere to Use Multiple SSL Certificates
July 12th, 2010 4:55am

Same web site - ok. Do you have experience with different Exchange server IPs? I mean: 1 IP for local network, 2 for external OWA or HTTP\HTTPS connection. I used this configuration before Exchange OWA broke. I have always seen the Exchange server use different IP addresses. How can I assign 1 constant IP forever, if the network card has 2 IPs?
July 13th, 2010 1:11am

You can create new virtual directories in PowerShell, but I've never specifically done what you're trying to do.
-- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

"vyan024" wrote in message news:2a171862-d94e-40d0-bf6f-e0ddd5e7346b...

Same web site - ok. Do you have experience with different Exchange server IPs? I mean: 1 IP for local network, 2 for external OWA or HTTP\HTTPS connection. I used this configuration before Exchange OWA broke. I have always seen the Exchange server use different IP addresses. How can I assign 1 constant IP forever, if the network card has 2 IPs?
July 14th, 2010 7:25am

Thanks anyway
July 14th, 2010 7:49am

Hi,

In conclusion:

1. The wrong certificate, Issued to: IOS-Self-Signed-Certificate-193382..., comes from my Cisco router.
2. This certificate stopped appearing after changes in Exchange IIS. I have performed a rollback of the instructions from this article: Configure Outlook Anywhere to Use Multiple SSL Certificates. In my opinion, it was exactly the actions from this article that provoked most of my troubles with Exchange :(
3. RPC over HTTP\HTTPS works perfectly after disabling IPv6 and rejoining the Exchange server to the domain.
4. All tests via Microsoft Exchange Server Remote Connectivity Analyzer passed fine.

Thanks to all
July 29th, 2010 2:17am
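
When a certificate such as IOS-Self-Signed-Certificate-... is not in any Exchange or Windows store, connecting to each Autodiscover host and inspecting what is actually presented, and by which IP address, shows which device answers. This is an added example, not part of the original thread; the function names are hypothetical and the host names are the ones quoted in the thread.

```powershell
# Added example. Function names are hypothetical; host names are those quoted in the thread.
function Test-CertificateName {
    # True when $HostName matches the subject CN or a DNS entry in the SAN text.
    param([string]$HostName, [string]$Subject, [string]$SanText)
    $names = @()
    if ($Subject -match 'CN=([^,]+)') { $names += $Matches[1].Trim() }
    $names += @([regex]::Matches($SanText, 'DNS Name=([^,\s]+)') | ForEach-Object { $_.Groups[1].Value })
    foreach ($n in $names) {
        if ($n -ieq $HostName) { return $true }
        # A wildcard entry covers exactly one leading label.
        if ($n.StartsWith('*.') -and $HostName -match '^[^.]+\.(.+)$' -and $Matches[1] -ieq $n.Substring(2)) { return $true }
    }
    return $false
}

function Get-PresentedCertificate {
    # Connects to HostName:Port and reports the certificate the answering device presents.
    param([Parameter(Mandatory)][string]$HostName, [int]$Port = 443)
    $client = New-Object System.Net.Sockets.TcpClient
    $ssl = $null
    try {
        $client.Connect($HostName, $Port)
        $endpoint = $client.Client.RemoteEndPoint.ToString()
        # Validation is bypassed for inspection only; never reuse this callback for real traffic.
        $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAll)
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }   # Subject Alternative Name
        $sanText = if ($san) { $san.Format($false) } else { '' }
        [pscustomobject]@{
            Target      = $HostName
            AnsweredBy  = $endpoint          # IP:port that completed the TLS handshake
            Subject     = $cert.Subject
            Issuer      = $cert.Issuer
            SelfSigned  = ($cert.Subject -eq $cert.Issuer)
            Thumbprint  = $cert.Thumbprint
            NameMatches = Test-CertificateName $HostName $cert.Subject $sanText
        }
    } finally {
        if ($ssl) { $ssl.Dispose() }
        $client.Close()
    }
}

# Offline check on constructed values copied from the Test-OutlookWebServices error in the thread:
Test-CertificateName 'office.externalserver.com' 'CN=IOS-Self-Signed-Certificate-1933852417' ''
# Live check against both names:
# 'office.externalserver.com', 'exchangesrv2.domain.local' | ForEach-Object { Get-PresentedCertificate $_ }
```

If AnsweredBy is not an address bound on the Exchange server, or the thumbprint is absent from Get-ExchangeCertificate, another device on the path (here, the router) is terminating the connection.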

This topic is archived. No further replies will be accepted.
