POP3 SSL connection error after SP2 installation
After installing Exchenge Server 2010 SP2 (now I have v14.2 build 247.5) the POP3 SSL connections don't work.
I have both connection types, 110 and 995 SSL with plain text authentication.
Any suggestion?
Thanks for your time!
Un saludo! Juan Segura
February 16th, 2012 9:07am
Hi,
please execute the command get
get-exchangecertificate
in order to get the Serrvices which are bound to a specified certificate. You have to look for a service "P" if it is not listed you are able to bind the speciifed certificate to the POP3 prococoll using the command
set-exchangecertificate
regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
Free Windows Admin Tool Kit Click here and download it now
February 16th, 2012 3:31pm
Hi,
please execute the command get
get-exchangecertificate
in order to get the Serrvices which are bound to a specified certificate. You have to look for a service "P" if it is not listed you are able to bind the speciifed certificate to the POP3 prococoll using the command
set-exchangecertificate
regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
February 16th, 2012 3:31pm
Thanks for your fast reply Thomas.
The result for get-exchangecertificate shows 4 lines. This is the most interesting:
049C4EF33196FA0CA5E5B80A47265E41A76B54B3 IP.WS. CN=mail.public-domain.com, OU=mail.public-domain.com, O="ORGANIZATION NAME, ...
The thing I see is the certificate name refers to public addres "mail.public-domain.com", this is the certificate I use for the OWA access. But the FAQN name is anoter name: "MAILSERVER".
Best regards!Un saludo! Juan Segura
Free Windows Admin Tool Kit Click here and download it now
February 16th, 2012 5:49pm
Thanks for your fast reply Thomas.
The result for get-exchangecertificate shows 4 lines. This is the most interesting:
049C4EF33196FA0CA5E5B80A47265E41A76B54B3 IP.WS. CN=mail.public-domain.com, OU=mail.public-domain.com, O="ORGANIZATION NAME, ...
The thing I see is the certificate name refers to public addres "mail.public-domain.com", this is the certificate I use for the OWA access. But the FAQN name is anoter name: "MAILSERVER".
Best regards!Un saludo! Juan Segura
February 16th, 2012 5:49pm
Hi Juan,
Is there any error message when you try to send a mail via POP3 client?
If possible, please test "Plain text logon" authentication first.
By the way, please don't forget to restart the Microsoft Exchange POP3 service after you change any POP3 settings.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.com.Frank Wang
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
February 17th, 2012 4:03am
Hi Juan,
Is there any error message when you try to send a mail via POP3 client?
If possible, please test "Plain text logon" authentication first.
By the way, please don't forget to restart the Microsoft Exchange POP3 service after you change any POP3 settings.
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.com.Frank Wang
TechNet Community Support
February 17th, 2012 4:03am
Hi,
Ok, this means that you get an certificate error if you use this certificate because your POP3 Server is not listed in this certificate?
Have you got only one CAS Server that supports OWA and POP? What about if you use the mail.public-domain.com Servername as the name of the POP3 Server in client configuration. In this case I dont expect any certificate errors.
If you want to correct this please use SAN (Subject Alternative Name) Certificates which contain more then one name.
regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
Free Windows Admin Tool Kit Click here and download it now
February 17th, 2012 1:07pm
Hi,
Ok, this means that you get an certificate error if you use this certificate because your POP3 Server is not listed in this certificate?
Have you got only one CAS Server that supports OWA and POP? What about if you use the mail.public-domain.com Servername as the name of the POP3 Server in client configuration. In this case I dont expect any certificate errors.
If you want to correct this please use SAN (Subject Alternative Name) Certificates which contain more then one name.
regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
February 17th, 2012 1:07pm
Thanks to all for your help!
At last, it was a problem with the certificate. I changed POP3 to the certificate with FAQN name, and it works.
I use the public name certificate for OWA and the FAQN certificate for POP3.
Un saludo! Juan Segura
Free Windows Admin Tool Kit Click here and download it now
February 19th, 2012 5:35pm