Great post, guys. Here are a few other tips I recommend for helping with certificate issues:
- Install an Enterprise CA in your environment; all of your domain-joined clients will eventually trust the issuer through AD replication. This is a potential time-saver if the bulk of the clients connecting are joined to the domain.
- For non-domain clients (i.e., home PCs) consider the steps in KB297681 for an easy way to allow clients to get to the issuing CA.
- Don't forget about self-signed certificates; technically they work, but they are troublesome because they are untrusted.
- Finally, don't forget that Outlook for Outlook Anywhere only looks at the "issued to" name on the certificate, not the SANs!
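A quick way to check which names a certificate actually carries, as an added example that is not part of the comment above: it reads the Subject CN (the "issued to" name) and the DNS entries of the Subject Alternative Name extension separately, and reports whether a given hostname is covered by each. The certificate path and hostname in the usage line are assumptions for illustration.

```powershell
# Added example (not from the original post): show the Subject CN and SAN DNS names of a
# certificate and test a hostname against each independently, so you can see whether a
# client that matches on the CN alone would accept it. Path and hostname are assumptions.
function Get-CertNameCoverage {
    param(
        [Parameter(Mandatory)][string]$Path,      # .cer/.crt file (DER or Base64 PEM)
        [Parameter(Mandatory)][string]$HostName   # name the clients will connect to
    )
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $Path

    # "Issued to" in the certificate UI is the CN attribute of the Subject DN
    $cn = $cert.GetNameInfo(
        [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false)

    # Subject Alternative Name extension is OID 2.5.29.17; Format($true) renders
    # one entry per line, e.g. "DNS Name=mail.example.com"
    $sans = @()
    $sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($sanExt) {
        $sans = @($sanExt.Format($true) -split "`r?`n" |
            ForEach-Object { if ($_ -match '^DNS Name=(.+)$') { $Matches[1].Trim() } })
    }

    # Name match in the usual TLS style: exact (case-insensitive) or a single
    # leading wildcard label (*.example.com covers mail.example.com, not a.b.example.com)
    function Test-NameMatch([string]$pattern, [string]$name) {
        if ($pattern -eq $name) { return $true }
        if ($pattern.StartsWith('*.')) {
            $suffix = $pattern.Substring(1)          # ".example.com"
            if ($name.Length -gt $suffix.Length -and
                $name.EndsWith($suffix, [System.StringComparison]::OrdinalIgnoreCase)) {
                $label = $name.Substring(0, $name.Length - $suffix.Length)
                return -not $label.Contains('.')
            }
        }
        return $false
    }

    [pscustomobject]@{
        HostName   = $HostName
        SubjectCN  = $cn
        SANs       = $sans
        MatchesCN  = Test-NameMatch $cn $HostName
        MatchesSAN = [bool]($sans | Where-Object { Test-NameMatch $_ $HostName })
    }
}

# Usage (file path and hostname are assumptions):
Get-CertNameCoverage -Path 'C:\certs\mail.cer' -HostName 'mail.example.com' | Format-List
```

If MatchesSAN is true but MatchesCN is false, the hostname is only present in the SAN extension, which is exactly the case the last tip warns about; either reissue the certificate with that name as the CN or point the clients at the name that is in the CN.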