0

So at one of my clients their SSL certificate was up for renewal, and when I renewed it, I did not include their primary External/Internal URL in it (remote.domain.com) instead opting to change everything to mail.domain.com. As far as I can tell, I've changed every instance of the URL, but am still getting a certificate warning in Outlook 2013 that the certificate doesn't match the server, and that it's looking for remote.domain.com

I'm hoping someone can point me in the right direction as to where this would be coming from. Screenshots of the warning and certificate:

http://i.imgur.com/IG6ER6G.png http://i.imgur.com/XGnRgxs.png

[PS] C:\Windows\system32>Get-OWAVirtualDirectory | select name,internalurl,externalurl

Name                         InternalUrl                      ExternalUrl
----                         -----------                      -----------
owa (Default Web Site)       https://mail.domain.com/owa/     https://mail.domain.com/owa/


[PS] C:\Windows\system32>Get-OABVirtualDirectory | select name,internalurl,externalurl

Name                         InternalUrl                      ExternalUrl
----                         -----------                      -----------
OAB (Default Web Site)       https://mail.domain.com/OAB      https://mail.domain.com/OAB

[PS] C:\Windows\system32>Get-ECPVirtualDirectory | select name,internalurl,externalurl

Name                         InternalUrl                      ExternalUrl
----                         -----------                      -----------
ecp (Default Web Site)       https://mail.domain.com/ecp      https://mail.domain.com/ecp


[PS] C:\Windows\system32>Get-ActiveSyncVirtualDirectory | select name,internalurl,externalurl

Name                                    InternalUrl                      ExternalUrl
----                                    -----------                      -----------
Microsoft-Server-ActiveSync (Default... https://mail.domain.com/Micro... https://mail.domain.com/Micro...


[PS] C:\Windows\system32>Get-WebServicesVirtualDirectory | select name,internalurl,externalurl

Name                         InternalUrl                      ExternalUrl
----                         -----------                      -----------
EWS (Default Web Site)       https://mail.domain.com/EWS...   https://mail.domain.com/EWS...
BE77Y
  • 2,667
  • 3
  • 18
  • 23
ElectronicDrug
  • 23
  • 1
  • 6
  • 2
    I'm assuming this is SBS, based on your mention of remote.domain.com. If you were buying a UCC cert, you should have just left that domain reference in the cert, I've found it best to not work against SBS whenever possible. – DanBig Feb 09 '15 at 17:02
  • SBS 2011, yes. Unfortunately wasn't my call or I would've left it in. Trying to standardize all our clients a bit though. – ElectronicDrug Feb 09 '15 at 17:27
  • SBS is already standardized, using remote.domain.com. What are you using for a cert, a wildcard? – DanBig Feb 09 '15 at 17:32
  • Have you tested here: https://testconnectivity.microsoft.com/ – DanBig Feb 09 '15 at 17:40
  • By standardize, I mean by our own processes in that all of our clients use mail.domain.com. The cert is not a wildcard, just a normal cert with up to 5 domains I believe. – ElectronicDrug Feb 09 '15 at 19:52
  • I have ran the microsoft connectivity wizard, and only get two insignificant warnings regarding windows mobile devices and a windows update for Root Certificates. – ElectronicDrug Feb 09 '15 at 19:52

1 Answers1

0

I'll bet it's either Autodiscover, or Outlook Anywhere. Or both.

mfinni
  • 36,144
  • 4
  • 53
  • 86
  • I did a Test Email AutoConfiguration in Outlook and found the line `Attempting URL https://remote.domain.com/Autodiscover/Autodiscover.xml found through SCP` in the log. Where do I change this? – ElectronicDrug Feb 09 '15 at 20:05
  • Nevermind. I was googling for the wrong thing. I set the URL through the following PowerShell command: `Set-ClientAccessServer -Identity SBSSERVER –AutoDiscoverServiceInternalUri https://mail.domain.com/Autodiscover/Autodiscover.xml` – ElectronicDrug Feb 09 '15 at 20:09