Hi all.
I've deployed an Exchange 2013 enviroment in my site, which had Exchange 2010. Since I migrated mailboxes to new scenario I'm having some problems. All of them related to Exchange certificates.
First of all I have to say that my topology is 2 mailbox servers in DAG and 2 CAS servers with a windows NLB.
I get my old SSL certificate and imported it into CAS servers and assigned IIS, SMTP, POP & IMAP. First question, should I import that SSL certificate into DAG servers too? Do I have to modify IIS default web site in CAS servers and assign it on NLB ip address?
At now, when I configure Outlook for external users, with manual configuration I get an error. It asks for username and password and it says "wrong username or password", even using domain name before username (domain\user). I checked RPC proxy settings and they are fine. But, on the other hand, if I use automatic configuration, it resolves autodiscover, gets autodiscover.xml and works fine. Then, I check settings again and I see that server isn't mail.server.com, it's aa90123mkasjdl1a@server.com (random caracters before @server.com). In testexchangeconnectivity.com all are ok when I use autodiscover as well, but when I use manual settings I get an error on Ping to RPC proxy, and in the request-id field, it shows the same ramdon letters and numbers. Could be that the error? How can I change RPC proxy settings?
In Outlook 2013, i got an error related to a wrong certificate before it asked for username and password again. How could I watch what is that wrong certificate?
The third question is related to UM. What kind of certificate should I use? I tried with a certificate issued by Exchange ECP, I used mail.server.com as CN and all accepted domains and FQDN of the server in SN. I tried also with a wildcard certificate but either doesn't work.
Any help could be appreciated.
Regards.
** Si crees que esta respuesta te ha sido de utilidad, por favor, marcala como respuesta para ayudar a otros usuarios de la comunidad a encontrarla mas facilmente ** ** If you think about the utility of this answer, please, check as answer to help other community users to find it easily **