I have looked around the forums for a soultion to a problem that is causing me grief. We are running Win2008R2 that has an enterprise CA set up on it. After experementing for a bit we were able to get certificates to validate. The problem is that on one machine we get an attempt to install a 3rd party certificate when outlook is opened. I have looked through both the client PC, as well as the stores on the server in search of the certificate, but have had no luck. I have also loked in active Directory but to no avail as well. I was wondering if there is a tool that would help me to find it. I had tried Certutil but I am not aware of the flags necessary to use. I would like to look it up by its Subject Name if somebody could provide me with the proper flags. The other option I wondered about was going through the registry, but I'm not sure how to know what I am seeing. Does anybody know any tools for this, or one that would work better? Thanks

If application *attempts* to install it is probably is not installed yet, therefore certificate is not exist in your certificate stores.http://en-us.sysadmins.lv

So where would it be. On the client machine it shows the certificate whenever one opens outlook anywhere. The security alert pops up and says that the security certificatewas issed by a company you have chosen not to trust. It also says the security certificate is invalid or does not match the name of the site. If i click on the details, I can see all the info on the certificate. How do I go about getting rid of it?

It looks like that you are talking about exchange server certificate issue. Outlook Anywhere uses RPC over HTTPS. Outlooc use autodiscover.<companyDNSSuffix> as connection addres. Your exchange server must have valid SSL certificate that contains all required names in SAN extension (including regular HTTPS addreses and autodiscover addreses). In addition the certificate is issued by untrusted root. In order to trust this certificate you need to import chain root certificate to local store Trusted Root CAs container: certutil -addstore Root <RootCAcert.crt> if you are a member of AD forest you can publish root certificate to AD: certutil -dspublish -f <RootCAcert.crt> RootCAhttp://en-us.sysadmins.lv

Yes, it is throught the process of installing exchange 2010 that this most likely hapopened, but we have a valid certificate already installed. The strange thing is this is a certificate for Cisco-Linksys, but it is showing up in the certificates on a Windows 7 machine we are testing outlook anywhere with. Even after installing a valid certificate, this one shows up. another weird thing is that on the security warnig I had mentioned it has the old mail servers name on it. I have looked in all the certificate stores trusted and untrusted, as well as active directory and in the certificate store and cannot find it. I have also looked in the old mal servers certificates, but cannot find it. Is there a flag I can use for certutil that would allow me to search by the certificates subject name, or one of the id #'s? Are there any other tools that I c ould use to look this up?

can you show your error messages? p.s. i want to repeat again that the certificate is not available on *client*. This is server certificate so you need to check for a certificate on Exchange server. http://en-us.sysadmins.lv

can you show your error messages?http://en-us.sysadmins.lv