User Profile
PowerWindows
Copper Contributor
Joined 3 months ago
User Widgets
Recent Discussions
Download Domains - CVE-2021-1730 - issue with missing SAN certificate ?
Hi gents, I have Exchange 2019 with almost recent patch installed Version 15.2 (Build 1544.4) Few months ago I configured required steps to mitigate CVE-2021-1730 and it worked for sure. Now customer reported that during OWA browsing while attempting to download attachment, he's getting an error about unsafe connection ( certificate error occurs when trying to retrieve attachments). In details while clicking on the attachment, default OWA name is redirected from the default url webmail.domain.com to the attachments.webmail.domain.com. Then the error is showing up about the certificate "net::ERR_CERT_COMMON_NAME_INVALID". Currently for OWA site there is attached dedicated certificate with *.domain.com. The url for download domain (internally and externally) is pointing through CNAME url attachments.webmail.domain.com. The name of the domain is included in certificate SAN entry, but it's for whole domain *.domain.com, not explicitely for attachments,webmail.domain.com. Is it possible that despite having asteriks in the certificate domain name, dedicated SAN name is required ?168Views0likes1Comment
Groups
Recent Blog Articles
No content to show