Geeks With Blogs
Hornet's Nest A few of Mike Hoerner's Favorite Topics


After we built a new Exchange 2010 Client Access Server and added the new server to the Client Access Server array, several Outlook users started receiving a Security Alert dialog box with a The name on the security certificate is invalid or does not match the name of the site error message when they logged into Outlook.

Cert-Error 

After investigating, we noticed that we forgot to change the InternalUrl name for the Exchange Web Services virtual directory.  By default, the Client Access Server name is part of the InternalUrl name when you build a new Client Access Server.

To fix the problem, we used the following PowerShell commands.

To look up the InternalUrl names for all of your Client Access Servers in the array, type in the following PowerShell command.  Please note this is where we found the InternalUrl name for the new Client Access Server was using the Client Access Server name instead of the Client Access Server array name.

[PS] Get-WebServicesVirtualDirectory

To change the InternalUrl name for the Client Access Server to point to the Client Access array name, type in the following PowerShell command.

[PS] Set-WebServicesVirtualDirectory CASServerName\EWS* –InternalUrl https://CASArrayName/ews/exchange.aspx

To confirm the InternalUrl name has been changed successfully, type in the following PowerShell command.

[PS] Get-WebServicesVirtualDirectory

Posted on Friday, July 2, 2010 4:48 PM | Back to top


Comments on this post: Exchange 2010 Deployment Notes – Certificate Issue

# re: Exchange 2010 Deployment Notes – Certificate Issue
Requesting Gravatar...
I did this and now my certificate is 'no longer valid for Exchange'. This despite the URL being exactly as per the certificate (not self signed, it's a godaddy one).
Left by AndyB on Oct 11, 2010 3:46 PM

# re: Exchange 2010 Deployment Notes – Certificate Issue
Requesting Gravatar...
Thanks for the post. Shouldn't the Internal URL be https://CASArrayName/ews/exchange.asMx instead of https://CASArrayName/ews/exchange.asPx?

Thanks,
-Ryan
Left by Ryan Vossler on Apr 18, 2012 11:12 PM

Your comment:
 (will show your gravatar)


Copyright © BWCA | Powered by: GeeksWithBlogs.net