Hi,
My client had a single Exchange 2013 server with ~400 mailboxes. Recently we added two more Exchange 2013 servers and created a DAG. When we move a test mailbox to the new database, Outlook (connected internally) throws a certificate error (but if you click past it, it works). I have done the following to remediate:
1. Made sure that the Outlook Anywhere internal and external URLs are the same on all three servers (mail.xxx.com.au).
2. Exported the GoDaddy cert from the original Exchange server that has mail.xxx.com.au as one of its names in the SAN list. Imported it on the two new servers, and bound it to IIS and SMTP (as it was on the original server).
3. Tried configuring A records in the internal DNS server for all three servers (all named mail.xxx.com.au); this caused certificate errors for users whose mailboxes had not yet been moved to the new servers. So deleted these two new records and left the original A record for mail.xxx.com.au.
4. Tried configuring another A record for one of the Exchange servers with a different DNS name that was also listed on the SAN cert - the test mailbox still got the certificate error in Outlook.
Certificate error:
I have looked at the official documentation and other blog posts but not found any information on how to configure DNS so that the certificate error doesn't appear.
Any help will be most appreciated.
Paul Schnackenburg MCSA, MCSA, MCTS, MCITP, MCT