Proxy server error, The name on the security certificate is invalid or does not match the name on the site
I am using Exchange 2013 with outlook 2013.
After setting up and connecting with outlook I got an error, a dialog box popped up with 2 ticks and a cross relating to the security certificate,
the cross said The name on the security certificate is invalid or does not match the name on the site. Still everything worked.
While reading up on this error I tried the recommendations on this page.
http://support.microsoft.com/kb/940726 using
Set-ClientAccessServer . After this I now get an anew error There is a problem with the proxy server's security certificate, The name on the security certificate is invalid or does not match
the name on the site" and outlook can no longer connect to exchange. I can still use the owa web interface.
If any other data is needed please let me know.
Please help.
Thanks
Alan Mosley - ThatsIT Solutions
January 10th, 2013 11:43pm
Hi,
The problem could be that the InternalHostname configured for Outlook Anywhere, is configured with the ServerFQDN and you didn't include that name in your Certificate.
Please check with:
Get-OutlookAnywhere | fl Internalhostname,Externalhostname
Also See Step4:
Configure Mail Flow and Client AccessMartina Miskovic
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2013 12:59am
Thanks for your help
InternalHostname : mail.it.local
ExternalHostname : mail.thatsit.net.auAlan Mosley - ThatsIT Solutions
January 11th, 2013 2:30am
Hi
The certificate for that domain name (I assume you gave us real info here) is for remote.thatsit.net.au externally which doesn't match mail.thatsit.net.au
which may be why you are getting the error. If this is the only certificate you are using then you should consider buying a UCC certificate which can have multiple names on it.
Cheers, Steve
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2013 3:00am
Yes remote is for remote access on a different server on the network, but this would explain problems from outside using owa, but I am having problems connecting with outlook desktop application.
ThanksAlan Mosley - ThatsIT Solutions
January 11th, 2013 3:09am
So do you have a certificate installed on the Exchange server that has mail.thatsit.net.au included on it?
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2013 3:18am
no only the self signed certificates that were created on setup
Alan Mosley - ThatsIT Solutions
January 11th, 2013 3:26am
OK, Outlook Anywhere does not work with the self signed certificates so you would either need a public UCC cert or a certificate issued by your internal CA. If you are planning to get a public cert it cannot contain .local hostnames so you would need
to use split DNS internally and change the Internal hostnames and URLs to match the external ones.
Steve
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2013 3:46am
Thanks, but this is the east of my problems, my problem is that outlook desktop app can not connect to exchange as stated in my original post.
Thanks
Alan Mosley - ThatsIT Solutions
January 11th, 2013 7:02am
In Exchange 2013 all connections from Outlook clients use the Outlook Anywhere (RPC/HTTP) method to connect so you will need valid certificates even for internal clients.
See this article for more information: http://technet.microsoft.com/en-us/library/jj150540.aspx#BKMK_Arch specifically the paragraph under the 3 bullet
points in the section: Exchange 2013 architecture
Cheers, Steve
EDIT: Also the Deploying Outlook Anywhere section in this article: http://technet.microsoft.com/en-us/library/bb123741.aspx
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2013 7:12am
ok thanks for the article.
but I still think I have a deeper proble, sine I set up I get the error with 2 ticks and a cross relating to the security certificate, the cross said The name on the security certificate is invalid or does not match the name on the site. Still everything
worked.
While reading up on this error I tried the recommendations on this page.
http://support.microsoft.com/kb/940726 using
Set-ClientAccessServer . After this I now get an anew error There is a problem with the proxy server's security certificate, The name on the security certificate is invalid or does not match
the name on the site" and outlook can no longer connect to exchange. I can still use the owa web interface.
will getting a certificate fix the second problem also, it would seem that because I did not have this error before something has changed.
Thanks
Alan Mosley - ThatsIT Solutions
January 11th, 2013 7:58am
OK, Outlook Anywhere does not work with the self signed certificates so you would either need a public UCC cert or a certificate issued by your internal CA. If you are planning to get a public cert it cannot contain .local hostnames so you would need
to use split DNS internally and change the Internal hostnames and URLs to match the external ones.
Steve
Free Windows Admin Tool Kit Click here and download it now
January 11th, 2013 11:40am
Hello,
You need at least
mail.thatsit.net.au and
autodiscover.thatsit.net.au
included in the certificate.
Thanks,
If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.comSimon Wu
TechNet Community Support
January 13th, 2013 9:30pm
Hello,
You need at least
mail.thatsit.net.au and
autodiscover.thatsit.net.au
included in the certificate.
Thanks,
If you have feedback for TechNet Subscriber Support, contact
tnmff@microsoft.comSimon Wu
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
January 14th, 2013 5:23am