Re: Exchange 2007 SSL Security Alert on Outlook 2007
- From: "Brian Hoyt" <hoytb@xxxxxxxxxxxxxxxx>
- Date: Fri, 10 Aug 2007 07:31:37 -0400
"Andy David {MVP}" <adavid@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:ih9nb3tefto2tkpm05pafr33cjhum3s62b@xxxxxxxxxx
On Thu, 9 Aug 2007 16:06:07 -0400, "Brian Hoyt"
<hoytb@xxxxxxxxxxxxxxxx> wrote:
I would set up that DNS entry just as a matter of good practices.
"Andy David {MVP}" <adavid@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:nlrmb39p0n36gdeic7jruemip116fkfcsc@xxxxxxxxxx
On Thu, 9 Aug 2007 14:48:55 -0400, "Brian Hoyt"No, but the certificate warning is relating to redmail.domain.rpcs.org not
<hoytb@xxxxxxxxxxxxxxxx> wrote:
My CAS server is known as mail.rpcs.org externally and either
mail.rpcs.org
or redmail.domain.rpcs.org internally. I had gotten the cert for
Exchange
2003 originally for OWA and Outlook Anywhere so I got it specifically
for
mail.rpcs.org. On my Outlook 2007 clients I was getting two prompts due
to
the name on the certificate not matching. I resolved one by running
set-clientaccessserver redmail -autodiscoverserviceinternaluri:
https://mail.rpcs.org/autodiscover/autodiscover.xml
and then I also did
Get-WebServicesVirtualDirectory |
Set-WebServicesVirtualDirectory -InternalUrl
https://mail.rpcs.org/EWS/Exchange.asmx -ExternalUrl
https://mail.rpcs.org/EWS/Exchange.asmx
and verified the OAB setting to be
Server Name Internal Url
External Url
------ ---- ------------
------------
REDMAIL OAB (Default Web Site)
http://mail.rpcs.org/OAB
http://mail.rpcs.org/OAB
I am now trying to figure out what is causing the second prompt to
appear
and fix it as well. I have a multi-year cert that I don't want to waste
to
get a SAN cert. The prompt on some machines comes up right away, others
it
takes 30 min or so. Thanks for any pointers.
Brian Hoyt
Do you have an internal and external DNS entry for
autodiscover.rpcs.org that points to mail.rpcs.org? I am assuming your
SMTP domain address is rpcs.org
autodiscover.rpcs.org. I thought that by setting
autodiscoverserviceinternaluri: I wouldn't need autodiscover? The
security
warning only comes up for internal clients that can see the internal FQDN
as
well as the external one. Yes the MX domain is rpcs.org.
I re-read your post from the beginning, and I am not clear if your
internal DNS entry for that server matches the certificate FQDN.
Internally I have an A record of mail.rpcs.org that points to the same IP as
the AD based FQDN of redmail.domain.rpcs.org. The problem is for some
communication only by Outlook 2007 clients they still try to contact the
redmail.domain.rpcs.org rather than the mail.rpcs.org name. I can't find
anywhere else in the client access config to repoint to mail.rpcs.org. I
haven't found a way to determine what information is being requested to
redmail rather than mail, I suppose I might need to do a trace to find it
out.
.
- References:
- Exchange 2007 SSL Security Alert on Outlook 2007
- From: Brian Hoyt
- Re: Exchange 2007 SSL Security Alert on Outlook 2007
- From: Andy David {MVP}
- Re: Exchange 2007 SSL Security Alert on Outlook 2007
- From: Brian Hoyt
- Re: Exchange 2007 SSL Security Alert on Outlook 2007
- From: Andy David {MVP}
- Exchange 2007 SSL Security Alert on Outlook 2007
- Prev by Date: Remote server did not respond
- Next by Date: Re: Move Public Folders from Exchange 2003 to 2007
- Previous by thread: Re: Exchange 2007 SSL Security Alert on Outlook 2007
- Next by thread: Exchange 2007 SSL Security Alert on Outlook 2007 - Alex Nicoletti
- Index(es):
Relevant Pages
|
