Skip to main content

Solving "The name of the security certificate is invalid" error

We purchase SSL Certificate to get secure when we use Outlook Web Access with Exchange Server.

We use the External Domain URL for OWA when we purchase SSL Certificate.

But the issue can come out when your Internal URL and External URL of Exchange Server are different.

The issue is user will get security alert pop-up when he/she open outlook client everytime.



To get rid of this issue, we need to change the Internal URL of OWA on Server.

Let's start.

First, run the Exchange Management Powershell as Administrator.

"Use Get-ClientAccessServer | FL" command to collect existing configuration for revert back if something goes wrong.



Next, use "Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUrl https://mail.ictformyanmar.com/autodiscover/autodiscover.xml" command and change the URL accordingly.

Only High-lighted text are need to aware as yours.

After that, go to Exchange IIS Manager and select Application Pools. Then right click on MSExchangeAutodiscoverAppPool and click Recycle.



Fine. We are done!

You can re-check by using Get-ClietAccessServer | FL command to ensure changed URL.

If everything is fine, just close and open the outlook client at user's PC and you won't see any secrutiy pop-up regarding Certificate.

I've use ClientAccess service only on my Server.If you use  WebServicesVirtualDirectory, OABVirtualDirectory and UMVirtualDirectory, you also need to change the URL for these too.

My server is  Microsoft Exchange Server 2007. Powershell command is different and depends on Server Version. So, do not forget to reference Microsoft Powershell Technet Website.


May you all be happy.
(Be knowledgeable, pass it on then)

Comments

Popular posts from this blog

Link Aggregating with Synology NAS and Cisco Switch

I’d like to share how to setup Link Aggregating between Synology NAS and Cisco Switch. I’ve got one Synology NAS with 4 Network Ports and I’m going to use 2 of them. Both Network Port to be as one Logical Link, Fault Tolerance and Load Balancing. To do that, I need to configure Link Aggregating on Synology NAS and EtherChannel with LACP on Cisco Switch. Below is brief steps to do to meet with my requirements. - Get connected Synology NAS and Cisco Switch as shown in picture. - Bonding two Network Ports of Synology NAS and assign IP Address - Configure EtherChannel with LACP in Cisco Switch and add two physical ports as Member. OK. Let’s begin from Synology NAS. - Login to the Synology and go to Control Panel>Network>Create>Create Bond - Select IEEE 802.3ad to get Fault Tolerance and Load Balancing Featureyou’re your switch not support 802.3ad you can only select Fault Tolerance only feature). After that click “Next”. - Choose the network port f

Fortigate guide for Begineer - 6

I would like to explaine how to troubleshoot the Fortigate Unit configured by Transparent Mode in step by step this time. Let's assume, you have one Fortigate Unit that configured as Transparent Mode. But devices from Internal/Private Network unable to access Internet/Public Network through your Fortigate Unit. OK. Let's troubleshoot with following steps, 1) Check the physical network connections between the network and the FortiGate unit, and between the FortiGate unit and the Internet. 2) Check the router and ISP-supplied equipment to make sure it is operating correctly. 3) Verify that you can connect to the internal interface by connecting to the management IP address of the FortiGate unit from the Internal network. From the internal network, attempt to ping the management IP address. If you cannot connect to the internal interface, verify the IP configuration of the PC and make sure the cables are connected and all switches and other devices on the network are powered on a

How to check the vpn user list and session in Cisco ASA 5520?

You've deployed Cisco ASA Firewall and setup Local AAA Server to create useraccount for IPSec VPN usage. As a network administrator, you've responsibility to check and monitor the list of vpn user and active session for security and audit purpose. You can use ASDM GUI to do such task but its handy to do. So, it is better to user CLI for that. Below are some useful commands to check user list and active vpn user sessions. To check user list, use below commands - show run | grep username - show aaa local user To check active vpn user list and sessions, use below commands - show vpn-sessiondb remote | grep Username (This command result will let you know how many user are active) - show vpn-sessiondb remote filter name username (This filter command will let you know details of vpn session user by inserting active vpn username in "username" ) Yes. That's all. Here I show you with Cisco ASA 5520 and its software version is 8.2 (5). May