Hello,
I have certificate issues at a Customer after we did an upgrade from Ex2007 to Ex2013 that seems impossible to fix, maybe I have configured something wrong....let´s see what the experts say :)
The problem is that when users connect Outlook 2013 to Exchange...after approx 1min 2 certificatewarnings popup.First for ex2013.company.local and then for autodiscover.company.local, if the user saysNo to the question all is fine and no more certificatewarning until next time they login (RDS 2012 Server) and start Outlook2013. If they say Yes to the warning instead...which I assure you happens, the RPC / Proxy Connection in Outlook Changes to autodiscover.company.se and they get a regular login popup window everytime the start Outlook instead, then we have to reconfigure the RPC Proxy to mail.company.com again......until next time it happens, no a solid solution for sure.
We bought a new 3rd party Geotrust Cert without SAN for the customer, thus CN= mail.company.com which I understood should work with Ex2013 ?
I didn´t want to buy a cert with the internal FQDN / DNS EX2013 as SAN which we used to do with Ex2007 as it´s not supported from 2015 sometime to have internal IP / DNS / FQDN in the SAN. As I understand it, if we had done that we woudl not be facing this issue now.
I have configured all VirtualDirectories to mail.company.com for both internal / external.Verified with Powershell. Apart from get-AutodiscoverVirtualDirectory which shows nothing at all for External/ InternalURL. I don´t see in any guides that it´s a requirement to set it?
Split DNS is setup, mail.company.com and autodiscovery.company.com with a CNAME entry in Forward Zone for company.com pointing to FQDN of the EX2013 server in Forward Zone of company.local
When I try Connectivity Analyzer Tool internally it shows no errors, ExRCA shows all OK externally also.
In external DNS both mail.company.com / autodiscover.company.com resolves correctly to external IP.
All ideas very welcome.
Thx /Tony
