Warning message when you start Outlook 2007 and then connect to a mailbox that is hosted on an Exchange 2007: Security certificate is invalid.
I've search the Internet to find the solution with my user running Outlook 2007 connecting to Exchange Server 2007 and no success, untill this article. Here's the summary of my tasks.
SYMPTOMS
When you start Microsoft Office Outlook 2007 and then connect to a mailbox that is hosted on a mailbox server that is running Microsoft Exchange Server 2007, you receive the following security warning message:
The name of the security certificate is invalid or does not match the name of the site.
CAUSE
You replace the default self-signed Exchange 2007 certificate with a different certificate.
By default, the URL that is stored in these objects references the NetBIOS name of the server. For example, a URL that resembles the following URL is stored:
https://NetBIOS_name.contoso.com/autodiscover/autodiscover.xml
This may differ from the host name that is used in the FQDN of the replacement certificate. For example, the replacement certificate may have an FQDN that resembles the following FQDN:
mail.contoso.com
This issue causes a name mismatch error to occur. Therefore, you receive the security warning message when you try to connect Outlook 2007 to the mailbox.
RESOLUTION
To resolve this issue, modify the URLs for the appropriate Exchange 2007 components. To do this, follow these steps:
1. Start the Exchange Management Shell.
2. Modify the Autodiscover URL in the Service Connection Point. The Service Connection Point is stored in the Active Directory directory service. To modify this URL, type the following command, and then press ENTER:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.contoso.com/autodiscover/autodiscover.xml
3. Modify the InternalUrl attribute of the EWS. To do this, type the following command, and then press ENTER:
Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx
4. Modify the InternalUrl attribute for Web-based Offline Address Book distribution. To do this, type the following command, and then press ENTER:
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab
5. Modify the InternalUrl attribute of the UM Web service. To do this, type the following command, and then press ENTER:
Set-UMVirtualDirectory -Identity "CAS_Server_Name\unifiedmessaging (Default Web Site)" -InternalUrl https://mail.contoso.com/unifiedmessaging/service.asmx
6. Open IIS Manager.
7. Expand the local computer, and then expand Application Pools.
8. Right-click MSExchangeAutodiscoverAppPool, and then click Recycle.
Source: http://support.microsoft.com/kb/940726
SYMPTOMS
When you start Microsoft Office Outlook 2007 and then connect to a mailbox that is hosted on a mailbox server that is running Microsoft Exchange Server 2007, you receive the following security warning message:
The name of the security certificate is invalid or does not match the name of the site.
CAUSE
You replace the default self-signed Exchange 2007 certificate with a different certificate.
By default, the URL that is stored in these objects references the NetBIOS name of the server. For example, a URL that resembles the following URL is stored:
https://NetBIOS_name.contoso.com/autodiscover/autodiscover.xml
This may differ from the host name that is used in the FQDN of the replacement certificate. For example, the replacement certificate may have an FQDN that resembles the following FQDN:
mail.contoso.com
This issue causes a name mismatch error to occur. Therefore, you receive the security warning message when you try to connect Outlook 2007 to the mailbox.
RESOLUTION
To resolve this issue, modify the URLs for the appropriate Exchange 2007 components. To do this, follow these steps:
1. Start the Exchange Management Shell.
2. Modify the Autodiscover URL in the Service Connection Point. The Service Connection Point is stored in the Active Directory directory service. To modify this URL, type the following command, and then press ENTER:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.contoso.com/autodiscover/autodiscover.xml
3. Modify the InternalUrl attribute of the EWS. To do this, type the following command, and then press ENTER:
Set-WebServicesVirtualDirectory -Identity "CAS_Server_Name\EWS (Default Web Site)" -InternalUrl https://mail.contoso.com/ews/exchange.asmx
4. Modify the InternalUrl attribute for Web-based Offline Address Book distribution. To do this, type the following command, and then press ENTER:
Set-OABVirtualDirectory -Identity "CAS_Server_name\oab (Default Web Site)" -InternalUrl https://mail.contoso.com/oab
5. Modify the InternalUrl attribute of the UM Web service. To do this, type the following command, and then press ENTER:
Set-UMVirtualDirectory -Identity "CAS_Server_Name\unifiedmessaging (Default Web Site)" -InternalUrl https://mail.contoso.com/unifiedmessaging/service.asmx
6. Open IIS Manager.
7. Expand the local computer, and then expand Application Pools.
8. Right-click MSExchangeAutodiscoverAppPool, and then click Recycle.
Source: http://support.microsoft.com/kb/940726
Comments
Post a Comment