Forum Discussion

Lussy150's avatar
Lussy150
Copper Contributor
Jan 18, 2023

"The name on the security certificate is invalid..." After changing to trusted CA and updating VDs

Hello,   This is with Exchange 2019. after changing the virtual directories to mail.domain.com (from mail.domain.local) and applying the appropriate certificate, when starting Outlook, the followi...
Exchange Server
outlook
Lussy150's avatar
Lussy150
Copper Contributor
Mar 02, 2023
Ok I.m quite certain now that the internal Autodiscover is causing the certificate mismatch. Of course it will lookup the SCP enty first, which is domain.local. So I guess somehow I need to change the SCP entry without breaking anything or create an internal autodiscover DNS record pointing to mail.domain.com.
Dan_Snape's avatar
Dan_Snape
Bronze Contributor
Mar 05, 2023
Yes...it's usually the Autodiscover record (SCP). I think that was my first response to your issue. Use the "Get-ClientAccessService | select *URI" and that will show you the current values for all your Exchange servers. Each Exchange server will have it's own record. The value should be a name that is on the certificate (ie https://autodiscover.domain.local/Autodiscover/Autodiscover.xml"). You can use the Set-ClientAccessService cmdlet to set the new value
  • Lussy150's avatar
    Lussy150
    Copper Contributor
    Mar 24, 2023
    We ended up recreating the Autodiscover virtual directory. Which had partial success.