Re: Ex2007 - SSL
- From: "AM" <imaneophyte@xxxxxxxxx>
- Date: Tue, 16 Jan 2007 15:29:50 -0500
Did you flush the client side cache ipconfig /flushdns and any other DNS
cache? If so I'm at a loss as to what else you can do.
AM
"bob britton" <rbritton@xxxxxxxxxxxx> wrote in message
news:u3d2dlZOHHA.3944@xxxxxxxxxxxxxxxxxxxxxxx
I created an A record WEBMAIL.mycompany.com that points to the same IP
address as WCNODE08.willcare.com
However, Outlook 2007 keeps resolving WEBMAIL.mycompany.com to
WCNODE08.mycompany.com
"AM" <imaneophyte@xxxxxxxxx> wrote in message
news:OzhisHYOHHA.4172@xxxxxxxxxxxxxxxxxxxxxxx
Bob
My suggestion is to remove the internal CNAME for webmail.mycompany.com
as this is the source of the problem. Create a static A record internally
for webmail.mycompany.com this should fix your problem.
AM
"bob britton" <rbritton@xxxxxxxxxxxx> wrote in message
news:Oo4d4WXOHHA.3668@xxxxxxxxxxxxxxxxxxxxxxx
to be clear:
(Internal DNS)
My A record is: WCNODE08.mycompany.com. a CNAME is
WEBMAIL.mycompany.com.
(ExternalDNS)
Our ISP created an A record for WEBMAIL.mydomain.com.
The server name (NETBIOS & DNS) internally really is
WCNODE08.mycompany.com
When I ordered the Cert, I ordered it for WEBMAIL.mydomain.com. I've
applied it, and it works outside.
Internally, the Outlook 2007 clients pop a security warning that the
cert is valid, but that it was issued for a different name.
"AM" <imaneophyte@xxxxxxxxx> wrote in message
news:Ol5gRgQOHHA.1252@xxxxxxxxxxxxxxxxxxxxxxx
Check your DNS records. An A record of the FQDN should not be resolving
to the server name. Are you using CNAMEs internally for the external
FQDN?
AM
"bob britton" <rbritton@xxxxxxxxxxxx> wrote in message
news:O3h4htOOHHA.4100@xxxxxxxxxxxxxxxxxxxxxxx
Hi Folks:
I have an SSL question.
I purchased an SSL certificate for use in ActiveSync and Outlook
Webmail to secure information transfer.
When I purchased my SSL Cert, I used the FQDN of
webmail.mycompany.com.
internally, my ex2007 server name is WCNODE08.mycompany.com.
When I apply the SSL Cert, externally it works fine because it's
accessed via WEBMAIL.mycompany.com.
However, internally, my Outlook 2007 clients start popping up a
warning that the SSL cert was issued for a different name. If I go
into the Outlook 2007 config and try to use the internal alias of
WEBMAIL.mycompany.com, it resolves to WCNODE08.mycompany.com (the name
of the server, not the dns alias).
So here's my question:
How does one properly assign an FQDN for SSL? If I purchase another
SSL Cert registered for WCNODE08.mydomain.com, i'm sure the problem
would be resolved. However, i don't want my users to access or
remember WCNODE08. I want them to use WEBMAIL.willcare.com.
Put it differently, i'm not an SSL expert. I kind of understand the
logic of why the SSL Cert needs to be named properly. but in this day
and age when you have a single server aliased with different names
(mail.mycompany.com, citrix.mycompany.com, imap.mycompany.com), i
can't figure out how to solve the problem because IIS seems to only
allow a single SSL cert, and an SSL Cert does not seem to allow it to
be registered with multiple FQDNs.
Please advise on best practice for this.
.
- Follow-Ups:
- Re: Ex2007 - SSL
- From: Thierry Frache
- Re: Ex2007 - SSL
- References:
- Ex2007 - SSL
- From: bob britton
- Re: Ex2007 - SSL
- From: AM
- Re: Ex2007 - SSL
- From: bob britton
- Re: Ex2007 - SSL
- From: AM
- Re: Ex2007 - SSL
- From: bob britton
- Ex2007 - SSL
- Prev by Date: Setting up external SMTP/DNS
- Next by Date: Re: Setting up external SMTP/DNS
- Previous by thread: Re: Ex2007 - SSL
- Next by thread: Re: Ex2007 - SSL
- Index(es):
Relevant Pages
|
