A wildcard certificate causes client connectivity issues for Outlook Anywhere

A wildcard certificate causes client connectivity issues for Outlook Anywhere

This topic describes how to troubleshoot Microsoft Office Outlook 2007 client connections when you use Outlook Anywhere to connect to Microsoft Exchange and to deploy a wildcard certificate across Exchange Client access servers in your organization Problem. It is recommended to purchase a GeoTrust wildcard certificate.

When you need the Exchange organization to use a wildcard certificate for any server that is running Exchange Server 2007 and that has the Client Access server role installed, you must configure the settings for the Autodiscover service so that the Outlook Anywhere client can successfully connect to the server. To do this, run the Set-outlookprovider cmdlet in the Exchange Management Shell on the Client Access server. The Set-outlookprovider cmdlet changes the certprincipalname parameter of the EXPR Outlook provider. This sets the principal name for the Outlook Anywhere connection. Before the Autodiscover service picks these changes, the Outlook 2007 client will not be able to connect to the server and will receive an error message stating that the certificate has expired.

In general, you can resolve this issue by running the Set-outlookprovider cmdlet. However, sometimes connectivity problems persist. When this issue occurs, Outlook 2007 users can resolve this issue by changing their connection settings.

If the first step is unsuccessful, the user performs a second step on the client computer in Outlook 2007.

To configure Autodiscover settings by using the Exchange Management Shell with the Set-outlookprovider cmdlet

Run the following command:

Set-outlookprovider-identity Expr-certprincipalname msstd:*.contoso.com

To change the Outlook 2007 connection settings to resolve certificate errors

In Outlook 2007, on the Tools menu, click Account Settings.

Select the e-mail address that is listed under Name, and then click Change.

Click More Settings.

On the Connections tab, click Exchange Agent Settings.

Select the Use SSL connections only check box.

Select the Connect only to a proxy server with this principal name in its certificate: check box, and then enter msstd:*.contoso.comin the box that follows.

Click OK, and then click OK again.

Click Next.

Click Finish.

Click Close.

When you exit Outlook and open it again, the new settings take effect.

A wildcard certificate causes client connectivity issues for Outlook Anywhere