Security certificate is invalid or does not match the name of the site Error (Outlook 2007)


Jump to: navigation, search


Outlook 2007 users utilise 'autodiscover' and consequently get a SSL certificate error relating to a mismatch between the name on the SSL certificate and the host name used to access Exchange:

Information you exchange with this site cannot be viewed or changed by others.
However, there is a problem with the site's security certificate.
   X   The name of the security certificate is invalid or does not match the name of the site


As Outlook is accessing SSL via an internal hostname such as exchange-cas.companyabc.local on SSL that is setup for an external host name such as the host names do not match and the above error occurs.


The best solution for this is to change the InternalURL property for various functions and also to set an internal DNS record for the external host name, in this example . After which the following must be done in EMS:

Get-ClientAccessServer -Identity Ex-CAS-Server| FL
Set-ClientAccessServer -Identity Ex-CAS-Server -AutoDiscoverServiceInternalUri

Get-WebServicesVirtualDirectory -Identity  “Ex-CAS-Server\EWS (Default Web Site)”
Set-WebServicesVirtualDirectory -Identity “Ex-CAS-Server\EWS (Default Web Site)” -InternalURL -BasicAuthentication:$true

Get-OabVirtualDirectory -Identity "Ex-CAS-Server\OAB (Default Web Site)"
Set-OabVirtualDirectory -Identity "Ex-CAS-Server\OAB (Default Web Site)" -InternalURL
Personal tools