Hi all, Here is my setup: W2k8R2 DC (also Root CA) W2k8R2 Exchange 2010 (CAS, Mailbox, Hub) I created a multi domain certificate (with the name for use in RPC/HTTPS on the top) using Powershell and validated it using my internal root CA Outlook Anywhere is set to use NTLM I always have the pop up windows for login password that show on the Outlook of the client computer (member of the domain) I run the test from www.testexchangeconnectivity.com and here is the result I have: Testing RPC/HTTP connectivity RPC/HTTP test failed Test Steps Attempting to resolve the host name webmail.test.com in DNS. Host successfully resolved Additional Details IP(s) returned: w.x.y.z Testing TCP Port 443 on host webmail.test.com to ensure it is listening and open. The port was opened successfully. Testing SSL Certificate for validity. The SSL Certificate failed one or more certificate validation checks. Test Steps Validating certificate name Successfully validated the certificate name Additional Details Found hostname webmail.test.com in Certificate Subject Common name Validating certificate trust Certificate trust validation failed Additional Details Certificate chain could not be built. You may be missing required intermediate certificates. Do you know the answer bec I don't use any secondary CA in my infrastructure (I just ahve a root CA). Thx a lot

On Fri, 2 Apr 2010 04:17:06 +0000, PM-Bkk wrote:>>>Hi all, >>Here is my setup: >>W2k8R2 DC (also Root CA) >>W2k8R2 Exchange 2010 (CAS, Mailbox, Hub) >>I created a multi domain certificate (with the name for use in RPC/HTTPS on the top) using Powershell and validated it using my internal root CA >>Outlook Anywhere is set to use NTLM >>I always have the pop up windows for login password that show on the Outlook of the client computer (member of the domain) >>I run the test from www.testexchangeconnectivity.com and here is the result I have: >>Testing RPC/HTTP connectivity RPC/HTTP test failed Test Steps Attempting to resolve the host name webmail.test.com in DNS. Host successfully resolved Additional Details IP(s) returned: w.x.y.z Testing TCP Port 443 on host webmail.test.com to ensure it is listening and open. The port was opened successfully. Testing SSL Certificate for validity. The SSL Certificate failed one or more certificate validation checks. Test Steps Validating certificate name Successfully validated the certificate name Additional Details Found hostname webmail.test.com in Certificate Subject Common name Validating certificate trust Certificate trust validation failed Additional Details Certificate chain could not be built. You may be missing required intermediate certificates. Do you know the answer bec I don't use any secondary CA in my infrastructure (I just ahve a root CA). The testexchangeconnectivity.com site has no way to access your CA so it will never pass this test. For it to work you'd have to installyour private CA's root certificate into the certificate store on themachine running the web site.Spend the US$40 and get a certificate from a public CA (GoDaddy'spretty inexpensive and it usually works okay).---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP

Is it sure this will solve my problem with Outlook Anywhere? Thx PMPM

On Sun, 4 Apr 2010 12:59:00 +0000, PM-Bkk wrote:>>>Is it sure this will solve my problem with Outlook Anywhere? It will solve at least one of your problems. Since you don't seem tobe able to move beyond that one problem I can't say what other thingsyou might find wrong later.---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP

Hi, Sorry for not giving any update for a long time, but new job... So, now, I have decided to buy a Multi Domain Name SSL certificate, uninstalled the Exchange 2010 and reinstalled it. I also installed the certificate... and same problem with the Outlook Anywhere... it asks my log and pass all the time And now, if I don't use Oulook ANywhere, it also ask me log and pass sometime... Really weird. Idid a check at https://www.testexchangeconnectivity.com and here is the result I received: ExRCA is testing RPC/HTTP connectivity. The RPC/HTTP test failed. Test Steps Attempting to resolve the host name webmail.test.com in DNS. <span style="font-family: "Tahoma","sans-serif"; color: black; font-size: 8.5pt; mso-fareast-font-family: 'Times New Roman'; mso-fareast-lan PM

What are the DNS name which you put in certificate? It is fully coverd your exchange enviroment name? Please post the complete error while doing RPC/HTTP test E.g. Autodiscover.contoso.com - for autodiscover Contoso.com - external domain name Contoso.local - internal domain name Server01.contoso.local - FQDN exchange server name Mail.contoso.com - webmail URL

Hello Friend, I seen your question & I think you have certificate error during the outlook any where, can you please tell me on the CAS you have public certificate with multiple subject alternative name foor outlook anywhere also, you required a public certificate on outlook anywhere client, because this client will not be trust your internal certificate, so please try to assign public certificate on CAS & outlook anywhere clients also, I hope this will be help you, if you find this helpful, please mark it as Answers.Arun Chaudhary MCP,MCTS Win Server 2008,MCITP Exchange 2010 Visit my Blog- http://arunmsexchange.blogspot.in