Certificate Mismatch (Full Version)

All Forums >> [Microsoft Exchange 2010] >> Outlook Web Access


nabberuk -> Certificate Mismatch (3.Jun.2013 9:52:08 AM)

We have a Exchange 2010 install on a Server 2008 R2 OS. It was setup around a month ago, OWA wasn't setup at first as there was no use for it. Well now there is and we're in the process of getting it setup but have hit a road block.

OWA is setup and working using a self-signed certificate which produces a warning (normal for a self-signed one), the problem comes when trying to use ActiveSync. The devices can receive the mail but are unable to send. I've used the testexchangeconnectivity.com to test activesync and get the following error;

"Host name mail.domain.com doesn't match any name found on the server certificate CN=Server."

So i guess i need a new self-signed certificate with the correct external facing domains. I installed the domain certificate services and went through the process of creating a new request in EMC and then getting it confirmed with the certificate services. Now back in EMC i went through the process of getting the pending certificate confirmed. All looked ok and the wizard completed.

The certificate just disappeared though! I've gone through this process a couple of times and each time the certificate disappears after clicking finish at the end of the wizard.

I'm not sure where to look next.

de.blackman -> RE: Certificate Mismatch (3.Jun.2013 9:12:18 PM)

In order for the device to properly connect to exchange, it needs to trust the certificate being used by exchange. A self-signed certificate would mean you need to manually install the certificate on to the device so it is highly recommended you purchase a public certificate with the proper external domain names.

nabberuk -> RE: Certificate Mismatch (5.Jun.2013 7:31:38 AM)

i'm aware that a self-signed cert will bring up errors, but i can't even complete a certificate request. i would image this to be the same for a 3rd part cert too.

de.blackman -> RE: Certificate Mismatch (6.Jun.2013 7:54:20 AM)

If the import wizard completes then the certificate is there but possibly you cannot see it in the console. Run get-exchangecertificate from the server you are importing it on and see if you can see multiple certificates OR add the certificate snap-in for the local computer in an MMC and see the personal certificates.

Can you send some screenshots of the process please?

Page: [1]