Re: The name on the security certificate is invalid or does not match.
- From: "Cliff Galiher" <cgaliher@xxxxxxxxx>
- Date: Mon, 10 Aug 2009 21:59:24 -0600
Asif,
The certificate may be invalid because machines were not properly joined to the domain. Did you use the SBS wizard? Even if the certificate name matches, the root certificate will be untrusted if the machine is not domain joined and thus the certificate is deemed "invalid" for that reason. A properly joined machine gets the root cert from the DC so this error no longer occurs.
If this non-domain machine and you are attempting to use outlook with RPC over HTTP then SBS has a certificate installer package that must be run on the machine to install the root cert as a trusted authority. Alternatively you can purchase a 3rd-party cert that will already be issued from a trusted authority. Your choice. I prefer 3rd party certs simply to ease remote connectivity...
-Cliff
"A-S-I-F" <ASIF@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:F8E29370-D684-4D15-9F53-28FBEB4101F8@xxxxxxxxxxxxxxxx
Hi All,.
1) I am using Windows SBS Server 2008 with Exchange 2007 installed on it.
With all the Certicate configured internally. We haven’t purchased the
Certificate from any outside authority yet.
2) Also, user were getting Error message "The name on the security
certificate is invalid or does not match the name of the site" in outlook, to
resolve this issue I followed the steps mention on
"http://support.microsoft.com/kb/940726"; &
“http://social.technet.microsoft.com/Forums/en-US/exchangesvrclients/thread/697f79e2-ca8f-4a2e-bae5-55d3fa7f703f/?prof=required”;
however I was able run only first command as I was unable to find "EWS
(Default Web Site)", "oab (Default Web Site)", "unifiedmessaging (Default Web
Site)".
3) After reaserching, I run following commands to get the status, location
of WebServicesVirtualDirectory, OABVirtualDirectory & UMVirtualDirectory
[PS] C:\Windows\System32>Get-WebServicesVirtualDirectory | fl
Name : EWS (SBS Web Applications)
Server : PASVR01
InternalUrl : https://sites/EWS/Exchange.asmx
ExternalUrl :
[PS] C:\Windows\System32>Get-OABVirtualDirectory | fl
Name : OAB (SBS Web Applications)
Server : PASVR01
InternalUrl : https://sites/OAB
ExternalUrl :
[PS] C:\Windows\System32>Get-UMVirtualDirectory | fl
Name : UnifiedMessaging (SBS Web Applications)
Server : PASVR01
InternalUrl : https://sites/UnifiedMessaging/Service.asmx
ExternalUrl :
4) Then after getting the correct locations of all the directory I run the
following commands to change the internal url on existing Certs
Set-ClientAccessServer -Identity PASVR01 -AutodiscoverServiceInternalUri
https://pasvr01/owa/autodiscover/autodiscover.xml
Set-WebServicesVirtualDirectory -Identity "PASVR01\EWS (SBS Web
Applications)" -InternalUrl https://pasvr01/owa/ews/exchange.asmx
Set-OABVirtualDirectory -Identity "PASVR01\OAB (SBS Web Applications)"
-InternalUrl https://pasvr01/owa/oab
Set-UMVirtualDirectory -Identity "PASVR01\UnifiedMessaging (SBS Web
Applications)" -InternalUrl https://pasvr01/owa/unifiedmessaging/service.asmx
5) However, this does'nt resolved our issue so run the following commands to
change the external url on existing Certs
Set-WebServicesVirtualDirectory -Identity "PASVR01\EWS (SBS Web
Applications)" -ExternalUrl https://exchange.domain.com/owa/ews/exchange.asmx
Set-OABVirtualDirectory -Identity "PASVR01\OAB (SBS Web Applications)"
-ExternalUrl https://exchange.domain.com/owa/oab
Set-UMVirtualDirectory -Identity "PASVR01\UnifiedMessaging (SBS Web
Applications)" -ExternalUrl
https://exchange.domain.com/owa/unifiedmessaging/service.asmx
6) I also tried running "New-ExchangeCertificate -PrivateKeyExportable $True
-Services “IMAP, POP, IIS, SMTP” -SubjectName “cn=PASVR01" as I have deleted
one of the certicate on this server in past.
7) Following was the status of internal and external URL.
[PS] C:\Windows\System32>Get-WebServicesVirtualDirectory | fl
Name : EWS (SBS Web Applications)
Server : PASVR01
InternalUrl : https://pasvr01/owa/ews/exchange.asmx
ExternalUrl : https:// exchange.domain.com /owa/ews/exchange.asmx
[PS] C:\Windows\System32>Get-OABVirtualDirectory | fl
Name : OAB (SBS Web Applications)
Server : PASVR01
InternalUrl : https://pasvr01/owa/oab
ExternalUrl : https:// exchange.domain.com/owa/oab
[PS] C:\Windows\System32>Get-UMVirtualDirectory | fl
Name : UnifiedMessaging (SBS Web Applications)
Server : PASVR01
InternalUrl :
https://pasvr01/owa/unifiedmessaging/service.asmx
ExternalUrl : https://exchange.
domain.com/owa/unifiedmessaging/service.asmx
10) Still we are facing this issue of "The name on the security certificate
is invalid or does not match the name of the site" in outlook.
PLEASE HELP ME TO RESOLVE THIS ISSUE.
Thanks in Advance,
Asif
- Follow-Ups:
- References:
- Prev by Date: RE: Problem restarting server via rww
- Next by Date: RE: Continual EventID 6398 and 7023
- Previous by thread: The name on the security certificate is invalid or does not match.
- Next by thread: Re: The name on the security certificate is invalid or does not ma
- Index(es):
Relevant Pages
|
