Outlook SSL error when connecting to new exchange 2013 installation
I've just installed Outlook 2013 and have all the clients connecting to it, however, whenever a client connects via outlook they are prompted with an invalid SSL message for myserver.mydomain.local
. I have a wildcard certificate setup and assigned in IIS for *.example.com
so I understand why the message appears but I am not exactly sure what to do about it and where to start looking without poking random things.
From the research I've done, I can see that this can be caused by the autodiscover service so I have changed the domain DNS records to not use an A record but instead use an SRV record inline with this Microsoft article. Should this be sorting the issue and I am just being impatient with propagation or am I barking up the wrong tree?
This post fixed the issue with an SRV record: Exchange 2013 SSL Warning in Outlook
Edit Interestingly running get-ClientAccessServer | ft identity,AutodiscoverServiceInternalUri
shows my internal FQDN and not my external one which I assume is the issue. I am going to try changing this now.
Make sure the URL fit the certificate.
Issue those command via powershell to validate;
Get-ActiveSyncVirtualDirectory | fl internalurl,externalurl
Get-AutoDiscoverVirtualDirectory | fl internalurl,externalurl
Get-ECPVirtualDirectory | fl internalurl,externalurl
Get-OabVirtualDirectory | fl internalurl,externalurl
Get-WebServicesVirtualDirectory | fl internalurl,externalurl
Change them to make them match the certificate;
Get-ActiveSyncVirtualDirectory -server EXCHANGE | Set-ActiveSyncVirtualDirectory -ExternalUrl 'https://mail.example.com/Microsoft-Server-ActiveSync' -InternalUrl 'https://mail.example.com/Microsoft-Server-ActiveSync'
Get-AutodiscoverVirtualDirectory -server EXCHANGE | Set-AutodiscoverVirtualDirectory -ExternalUrl 'https://mail.example.com/Autodiscover/Autodiscover.xml' -InternalUrl 'https://mail.example.com/Autodiscover/Autodiscover.xml'
Get-ECPVirtualDirectory -server EXCHANGE | Set-ECPVirtualDirectory -ExternalUrl 'https://mail.example.com/ECP' -InternalUrl 'https://mail.example.com/ECP'
Get-OabVirtualDirectory -server EXCHANGE | Set-OabVirtualDirectory -ExternalUrl 'https://mail.example.com/OAB' -InternalUrl 'https://mail.example.com/OAB'
Get-WebServicesVirtualDirectory -server EXCHANGE | Set-WebServicesVirtualDirectory -ExternalUrl 'https://mail.example.com/EWS/Exchange.asmx' -InternalUrl 'https://mail.example.com/EWS/Exchange.asmx'
A example using the GUI there