The name on the Security Certificate is invalid or does not match the name of the site

Problem:

You get the following message in Outlook:

The name of the security certificate is invalid or does not match the name of the site

Solution:

When you installed the SSL, certain parameters weren’t setup properly.

For this solution we will use mail.mitconsulting.ca as the external CName or A record that points to your Exchange environment. Please substitute your address for mail.mitconsulting.ca. Replace EXCHANGE-MAIL with your server name.

  1. Load Exchange Management Shell
  2. Run Get-ClientAccessServer | fl
    1. The results should show you (under AutoDiscoverServiceInternalUri) something along the lines of https://site/Autodiscover/Autodiscover.xml
    2. This is wrong, site should be replaced with mail.mitconsulting.ca
    3. Replace the items in red with your info
    4. Run the following command: Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.mitconsulting.ca/autodiscover/autodiscover.xml
  3. Run Get-WebServicesVirtualDirectory | fl
    1. The results should show you (under InternalUrl and ExternalURL) something along the lines of https://site/EWS/Exchange.asmx
    2. This is wrong, site should be replaced with mail.mitconsulting.ca
    3. Replace the items in red with your info
    4. Run the following command: Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” –InternalUrl https://mail.mitconsulting.ca/ews/exchange.asmx
    5. Run the following command: Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” –ExternalUrl https://mail.mitconsulting.ca/ews/exchange.asmx
    6. If you get an error message, odds are your Default Web Site name is wrong
    7. When you run Step 3, the second line (under Name), gives you the correct info.
      1. In my case it says, EWS (SBS Web Applications)
  4. Run Get-OABVirtualDirectory | fl
    1. The results should show you (under InternalUrl and ExternalURL) something along the lines of https://site/OAB
    2. This is wrong, site should be replaced with mail.mitconsulting.ca
    3. Replace the items in red with your info
    4. Run the following command: Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\OAB (Default Web Site)” –InternalURL https://mail.mitconsulting.ca/OAB
    5. Run the following command: Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\OAB (Default Web Site)” –ExternalURL https://mail.mitconsulting.ca/OAB
    6. If you get an error message, odds are your Default Web Site name is wrong
    7. When you run Step 4, the second line (under Name), gives you the correct info.
      1. In my case it says, OAB (SBS Web Applications)
  5. Exchange 2010 and SBS 2011
    1. Run Get-ActiveSyncVirtualDirectory | fl
    2. The results should show you (under InternalUrl and ExternalURL) something along the lines of https://site/Microsoft-Server-ActiveSync
    3. This is wrong, site should be replaced with mail.mitconsulting.ca
    4. Replace the items in red with your info
    5. Run the following command: Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE-MAIL\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://mail.mitconsulting.ca/Microsoft-Server-Activesync
    6. Run the following command: Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE-MAIL\Microsoft-Server-ActiveSync (Default Web Site)” -ExternalURL https://mail.mitconsulting.ca/Microsoft-Server-Activesync
    7. If you get an error message, odds are your Default Web Site name is wrong
    8. When you run Step 4, the second line (under Name), gives you the correct info.
      1. In my case it says, Microsoft-Server-ActiveSync (SBS Web Applications)
  6. Exchange 2007
    1. Run Get-UMVirtualDirectory | fl
    2. The results should show you (under InternalUrl and ExternalURL) something along the lines of https://site/UnifiedMessaging/Service.asmx
    3. This is wrong, site should be replaced with mail.mitconsulting.ca
    4. Replace the items in red with your info
    5. Run the following command: Set-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (Default Web Site)” -InternalUrl https://mail.mitconsulting.ca/unifiedmessaging/service.asmx
    6. Run the following command: Set-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (Default Web Site)” -ExternalUrl https://mail.mitconsulting.ca/unifiedmessaging/service.asmx
    7. If you get an error message, odds are your Default Web Site name is wrong
    8. When you run Step 4, the second line (under Name), gives you the correct info.
      1. In my case it says, UnifiedMessaging (SBS Web Applications)
  7. Then open the IIS Manager Expand Application Pools > MSExchangeAutodiscoverAppPool > Right Click > Recycle.