The sha1RSA certificate for our Exchange 2010 server was revoked by our Certificate Authority (GeoTrust) last week, apparently because all sha1 certificates have been deprecated. This blocked users from getting to Outlook Web Access on most browsers.
We were able to get a new certificate, but it does not have any SANs, and our Outlook clients connect to a SAN address xxx.xxx.lan (x's used here for security, but they have server names on them). I've updated all of our Exchange urls to point to mail.yyy.com, which is what our new certificate is for. I followed the tips here:
Now, every time a client computer opens Outlook, a Security Alert pops up with "The name on the security certificate is invalid or does not match the name of the site. Do you want to proceed?" You can click Yes and it will work, but this is obviously a nuisance.
Does anyone know what I can do to fix this? I've tried talking to the GeoTrust tech support team, but they said that they do not provide Exchange support.
Thanks!
- J. J.
We were able to get a new certificate, but it does not have any SANs, and our Outlook clients connect to a SAN address xxx.xxx.lan (x's used here for security, but they have server names on them). I've updated all of our Exchange urls to point to mail.yyy.com, which is what our new certificate is for. I followed the tips here:
Now, every time a client computer opens Outlook, a Security Alert pops up with "The name on the security certificate is invalid or does not match the name of the site. Do you want to proceed?" You can click Yes and it will work, but this is obviously a nuisance.
Does anyone know what I can do to fix this? I've tried talking to the GeoTrust tech support team, but they said that they do not provide Exchange support.
Thanks!
- J. J.
