Exchange Server Forums

rpc over http - ssl certificate problem - exchange 2003

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Microsoft Exchange 2003] >> Server Security >> rpc over http - ssl certificate problem - exchange 2003

Page: [1]

Message

<< Older Topic Newer Topic >>

rpc over http - ssl certificate problem - exchange 2003 - 23.Mar.2011 11:33:20 AM

dave_reap

Posts: 10
Joined: 23.Mar.2011
Status: offline

Hi All,

I have recently setup an sbs 2003 box and all is working well, owa, remote web workplace etc.

What I am having a problem with is setting up rpc/http to allow outlook client machines on the outside to connect to the exchange box

having banged my head of the desk for a week with this I discovered that its a problem with the ssl certificate

using the website www.testexchangeconnectivity.com i can see that its falling down on the following error

Testing RPC/HTTP connectivity.
The RPC/HTTP test failed.

Test Steps

Attempting to resolve the host name server.ccgsolutions.co.uk in DNS.
The host name resolved successfully.

Additional Details
IP addresses returned: 195.62.205.10
Testing TCP port 443 on host server.ccgsolutions.co.uk to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.

Test Steps

Validating the certificate name.
The certificate name was validated successfully.

Additional Details
Host name server.ccgsolutions.co.uk was found in the Certificate Subject Common name.
Certificate trust is being validated.
Certificate trust validation failed.
Tell me more about this issue and how to resolve it

Additional Details
The certificate chain didn't end in a trusted root. Root = CN=server.ccgsolutions.co.uk, CN=companyweb, CN=server, CN=localhost, CN=server.ccg.local

Now what i take from that is that is that its getting as far as verifying the external domain name then when it gets into the server its seeing that the internal name is different than whats on the certificate and rejecting it.

Can anyone tell me how to get around this short of buying a 3rd party certificate?

Cheers,
Dave

Post #: 1

Featured Links*

RE: rpc over http - ssl certificate problem - exchange ... - 23.Mar.2011 12:07:08 PM

natdege

Posts: 7
Joined: 12.Nov.2010
Status: offline

Hi,

Put your certificate in the Trusted Certificate Store on your server. For instruction: http://technet.microsoft.com/en-us/library/cc949119(WS.10).aspx

Hope that helps.

natdege

(in reply to dave_reap)

Post #: 2

RE: rpc over http - ssl certificate problem - exchange ... - 24.Mar.2011 6:53:55 AM

dave_reap

Posts: 10
Joined: 23.Mar.2011
Status: offline

Hi,

Thanks for the quick reply. Having read down that page this looks like something to purchase a proper 3rd party cert?

I cant see anything about moving the cert into "the trusted store" on the server?

is there anything i need to do on the client machine?I installed the server cert using rww and telling it to always trust it, this didnt help

Thanks,
Dave

(in reply to natdege)

Post #: 3

RE: rpc over http - ssl certificate problem - exchange ... - 24.Mar.2011 10:36:30 PM

dave_reap

Posts: 10
Joined: 23.Mar.2011
Status: offline

Ok I sorted it.

You have to add the certificate from the server on the CLIENT machine into the trusted zone or it wont work... once I added it it now works fine.

So stupid that non of the guides that I have read really seem to touch on this...

The easiest way to add it is go to rww over the net on the client pc.. when the page comes up sand says the certificate is bad... click the cert in the address bar and click view certificates and add it to the trusted zone... and that sorts it

Cheers,
Dave

(in reply to dave_reap)

Post #: 4