Forum Discussion
PowerWindows (Copper Contributor)
Oct 10, 2024
Download Domains - CVE-2021-1730 - issue with missing SAN certificate ?
Hi gents,
I have Exchange 2019 with an almost recent patch installed, Version 15.2 (Build 1544.4).
A few months ago I configured the required steps to mitigate CVE-2021-1730 and it worked for sure. Now the customer reported that during OWA browsing, while attempting to download an attachment, he's getting an error about an unsafe connection (a certificate error occurs when trying to retrieve attachments).
In detail, when clicking on the attachment, the default OWA name is redirected from the default URL webmail.domain.com to attachments.webmail.domain.com. Then the certificate error "net::ERR_CERT_COMMON_NAME_INVALID" shows up.
Currently the OWA site has a dedicated certificate attached with *.domain.com.
The URL for the download domain (internally and externally) is pointing through the CNAME URL attachments.webmail.domain.com.
The name of the domain is included in the certificate SAN entry, but it's for the whole domain *.domain.com, not explicitly for attachments.webmail.domain.com.
Is it possible that despite having an asterisk in the certificate domain name, a dedicated SAN name is required?
- PowerWindows (Copper Contributor)
OK, we have found the issue, which is the existing wildcard certificate. I did not know that a certificate for *.domain.com is valid for only 1 level, and does not cover deeper subdomains.
Hence having an additional domain level "attachments" in the URL, such as attachments.webmail.domain.com, is too much, and it's not covered by the current certificate.
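
The one-level wildcard rule from the reply above, as an added example that is not part of the original posts: it checks each hostname against a certificate's SAN list the way browsers match dNSName entries, and lists the SAN entries that would cover an uncovered name. The host and SAN values are the placeholders used in this thread; the function names are hypothetical.

```python
# Added example: single-label wildcard matching for certificate SAN entries.
# Assumption: only a whole left-most "*" label is treated as a wildcard.

def san_matches(pattern: str, host: str) -> bool:
    """Return True if one dNSName SAN entry covers the host name."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    # A wildcard never spans more than one label, so label counts must agree.
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # Conservative choice: refuse wildcards directly under a TLD ("*.com").
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def covering_sans(host: str) -> list:
    """SAN entries that would cover host: the exact name, or a wildcard at its parent."""
    labels = host.lower().rstrip(".").split(".")
    return [".".join(labels), ".".join(["*"] + labels[1:])]


def check(sans: list, hosts: list) -> dict:
    """Map each host to the SAN entries covering it (empty list = name mismatch)."""
    return {host: [s for s in sans if san_matches(s, host)] for host in hosts}


if __name__ == "__main__":
    cert_sans = ["*.domain.com", "domain.com"]            # constructed SAN list
    hosts = ["webmail.domain.com",                        # OWA namespace
             "attachments.webmail.domain.com"]            # download domain
    for host, hits in check(cert_sans, hosts).items():
        if hits:
            print(f"{host}: covered by {hits}")
        else:
            print(f"{host}: NOT covered, certificate needs one of {covering_sans(host)}")
```

Running this check against the namespaces before setting the download domain shows whether the bound certificate needs to be reissued with an extra SAN, or whether a single-level name would fit under the existing wildcard.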