Exchange System Manager Problem - "Folders, SSL Cert"

Discussion in 'Windows Small Business Server' started by Scott Davis, Aug 19, 2004.

  1. Scott Davis

    Scott Davis Guest

    Hi, All!

    Okay, Here's what I've done --

    Installed my SBS2003, with Exchange.
    Installed a 3rd party SSL Certificate (freessl.org)

    When I launch my Exchange System Manager, drill down (Administrative
    Groups - first administrative group - Folders - Public Folders) ..

    I get this error message:

    "The SSL certificate server name is incorrect.
    ID no: c103b404"

    In my Event Viewer (System):
    Source: Schannel, Event ID 36884

    "The certificate received from the remote server does not contain the
    expected name. It is therefore not possible to determine whether we are
    connecting to the correct server. The server name we were expecting is
    <Servername>.<domain>.Local. The SSL connection request has failed.
    The attached data contains the server cert"

    Attached Data:

    -- Looks like raw data from etrust (the FreeSSL cert provider?).


    ============================

    So, I'm thinking the ESM is looking for the MS-Generated SSL Cert,
    Specifically, and not finding it (duh - I ripped it out!).

    Any hints or tips about this would be VM appreciated.

    Thanks!

    -- Scott.







    --
    ====================================================
    Scott Davis, 45 Dunfield Av, Unit 2117
    Self-Employed Toronto, ON, Canada, M4S 2H4
    Tech Consultant (416) 432-4334
    ====================================================
     
    Scott Davis, Aug 19, 2004
    #1
    1. Advertisements

  2. 324345 You receive an SSL Certificate error message when you view public
    http://support.microsoft.com/?id=324345

    Ray Fong
    Microsoft SBS Product Support

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Ray Fong [MSFT], Aug 19, 2004
    #2
    1. Advertisements

  3. Scott Davis

    Scott Davis Guest

    Ray,

    I removed the SSL requirement for the ExAdmin directory. The result is
    the same.

    That article indicates that the FQDN of the server must be listed on the
    SSL cert (assumed for the "Default Web Site") ..

    I've used my "WEB" address (wm.MyOrg.Com) instead of my INTERNAL FQDN --
    (server.dom.local).

    Any more clues, anyone?

    Thanks!

    - Scott.






    --
    ====================================================
    Scott Davis, 45 Dunfield Av, Unit 2117
    Self-Employed Toronto, ON, Canada, M4S 2H4
    Tech Consultant (416) 432-4334
    ====================================================
     
    Scott Davis, Aug 20, 2004
    #3
  4. Scott Davis

    Scott Davis Guest

    Update:

    I called PSS and opened a $245/USd support ticket for this one.

    After we brought IIS, Exchange and (the original SBS) engineer on the
    phone...


    We decided to "rip out" my 3rd party cert -- then re-install it.


    None of us (including the Exchange and IIS engineers) know what exactly
    we did, but it appears to have worked -- so here are the steps that I
    took, generally:

    1) Follow default SBS2003 install.
    2) De-Install SBS2k3 SSL cert.
    3) Install FreeSSL (cheap, good!) cert.
    4) Find that ESM dosen't show Public Folder details (per below)
    5) De-install 3rd party SSL cert
    6) Re-Install 3rd party SSL cert

    7) Sit back, watch ESM (ExSysMgr) do the stuff.. no probs.



    A) I dunno what's up with FQDN/SSL Certs..
    B) I dunno what it'll do to the readers/kids..

    ... and Voila, ESM showed me my PFs.

    Makes no sense -- and I'm pursuing it, with the help of my primary on
    the case.. as a "new" KB article based on my call.


    Note to all MFC/MPP - whatever notarized MS supporters --


    I'd VERY much appreciate it if you'd recognize these multi-product
    problems -- and point US administrators to either email PSS, $245 PSS,
    or other...

    if and when we find problems that are too complex to solve via 2-3
    posts/responses.

    Doing otherwise (coming up with NOTHING USEFUL) is poor interaction.

    Sure, I know you MS-Supported MVPs/MV-Whatevers.. are helpful for most
    folks. Unfortunately, when your lack of knowledge goes -- give it up.
    Just admit that you don't know.

    No fooey, nothing frustrates me more than thinking "got an MVP response
    this morning!" -- chances are I'll get *_NOTHING_* from here on in..










    --
    ====================================================
    Scott Davis, 45 Dunfield Av, Unit 2117
    Self-Employed Toronto, ON, Canada, M4S 2H4
    Tech Consultant (416) 432-4334
    ====================================================
     
    Scott Davis, Aug 21, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.