0

We have SBS 2003, and we use DYNDNS. We forward dyndns address 443 to local server ip 443 port.

mycompany.dyndns.org:443 --> server.mycompany.local:443

  • In android phone i can check my mails with Outlook Active Snyc.

  • From remote machine i can check my mails in owa (https://mycompany.dyndns.org/exchange)

    But i can't set up outlook 2013 to remote connect. I installed server.mycompany.local to remote machine trusted cert container, but i got error message:

"There is a problem with the proxy server's security certificate. The name on the security certificate is invalid or does not match the name of the target site.

Outlook is unable to connect to the proxy server. (Error Code 10)"

Is it possible to connect exchange, via dnydns?

Whats the problem?

Thank you

holian
  • 227
  • 1
  • 8
  • 14
  • Is this a self-signed certificate? If so, I'm pretty sure Outlook Anywhere won't work with a self-signed certificate for external clients. – joeqwerty Nov 07 '13 at 20:49
  • Im not sure, but i think the server has self-signed cert. But if not work, how our phone work with it? – holian Nov 07 '13 at 21:22
  • What names were on the cert? Was your DynDNS domain name on their, as well as your FQDN of the local machine? Was it a third party cert or internally signed? You need to find this out first. If it is not a third party cert(like GoDaddy) you need to change that first, then look at other possibilities – Lee Harrison Nov 07 '13 at 21:30
  • @joeqwerty - I've got MAPI over RPC/HTTP in Windows Server 2003 and Exchange 2003 working fine w/ self-signed certs. (I'm embarrassed that the Customer won't upgrade to a modern version of Windows and Excahnge but, for not, it's working...) – Evan Anderson Nov 08 '13 at 03:52
  • @LeeHarrison The cert name is:server.mycompany.local; The Dyndns domain name is mycompany.dyndns.org; The FQDN is server.mycompany.local; I think internally signed, no Godaddy or something like that. – holian Nov 08 '13 at 08:10

1 Answers1

0

Based on what you have said above, it should be noted that Outlook Anywhere requires a certificate from a third party. OWA will work with a self-signed, and generate a certificate warning that can be bypassed, but Outlook Anywhere will not work.

http://exchangepedia.com/2007/08/outlook-anywhere-and-exchanges-self-signed-certificate.html

I should note I think you 'can' use a self-signed certificate for Outlook Anywhere, but you will be required to install the certificate on any external client computers in order for them to connect.

So in short, your customer needs to by a verified certificate from somewhere. A single name cert is not very expensive at all. For example I use GoDaddy and a single name certificate is $70 a year. I'm sure there are cheaper companies out there too.

Now would be a good time to evaluate if they have any other services(or plan on) that will require certificates also.

Lee Harrison
  • 486
  • 1
  • 5
  • 18