I have outlook anywhere authnitication problem , it's not connect using https , it's use TCP/IP instead , I think the problem exist on the exchange certificate name , am geting this error after configuring outlook anywhere . " There is a problem with the proxy server's security certificate , the name on the security certificate is invalid or does not match the name of the target ... " I tried to create new exchange self signed certificate , and when i request the certificate through web from our CA , when i click submit i recieve this error :
Your certificate request was denied. Your Request Id is 0. The disposition message is "Error Parsing Request The request subject name is invalid or too long. 0x80094001 (-2146877439)".
even i type every possible DNS name in the subject name filed while am creating the certificate .
I take it that you are attempting to connect to a mailbox from inside the LAN? What happens when you try to connect from outside the network? What is the internal name of the exchange server? Is this name on the certificate?
Check the properties of the Outlook profile. In the Exchange HTTP Settings page, do you have both "on fast networks, connect using...." and "on slow networks, connect using..." selected??
_____________________________
Ibrahim Benna - Microsoft Exchange MVP Forum Moderator Navantis
Posts: 4093
Joined: 17.Jan.2008
From: Somewhere near London, UK
Status: offline
The self generated certificate within Exchange is not supported for use with Outlook Anywhere or Exchange ActiveSync. If you want to use Outlook Anywhere then you must purchase a certificate. I have outlined the full procedure here: http://www.sembee.co.uk/archive/2008/05/30/78.aspx
yes I am trying to connect to a mailbox from inside my LAN , and basically i want to test from inside the LAN first , i dont try to test it externally .
CAS Server name is cas.mydomain.com , and I type all the possible names inside the self signed certificate including mail.mydomain.com , cas.mydomain.com , casServerName.mydomain.com , autodiscover.mydomain.com , NetBiosCasName .
Yes i did , i checked it to use HTTPS first in both cases ?
What has that got to do with things? That is referring to Wildcard certificates. I made the point that self generated certificates are not supported. Making that post reminded me of an unpublished blog posting, which I have now blogged: http://www.sembee.co.uk/archive/2008/10/16/87.aspx
When I saw this thread I was pretty disheartened. I wanted to use our internal certificate authority to generate the Subject Alternative Name Web certificate. After maybe the 8th iteration of generating the requests I got it. Here was steps:
Posts: 4093
Joined: 17.Jan.2008
From: Somewhere near London, UK
Status: offline
quote:
ORIGINAL: invitro
When I saw this thread I was pretty disheartened. I wanted to use our internal certificate authority to generate the Subject Alternative Name Web certificate. After maybe the 8th iteration of generating the requests I got it. Here was steps:
How long did you spend on that? Is your time worth that little? SAN/UC certificates are US$60 a year. Sometimes you have to simply say enough and do it the correct way.
Unless the server is not exposed to the internet then using an internal CA is close to pointless, as you will get certificate prompts.
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [Microsoft Exchange 2007] >> Outlook Web Access >> Your certificate request was denied 
Your certificate request was denied - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread
