Microsoft Reduce Customer Effort Center

Our team drives product feedback based on solid data, it drives proactive issue prevention and ultimately, drives improvements around products based on customer feedback.

Self-Signed Certificate issue when connecting to the exchange server

Self-Signed Certificate issue when connecting to the exchange server

  • Comments 9
  • Likes

- Installing a Self-Signed Certificate as a Trusted Root CA in Windows Vista

If your exchange server is using a self-signed certificate, using either Outlook or OWA to send or receive e-mail, you must install the certificate into the Trusted Root Certification Authorities store in order for RPC over Http to work. This article will explain this situation and how to install the self-signed certificate in Windows Vista.

1. Connect to your OWA site by going to https://host.domainname.com/exchange

You should see the screen above due to the fact that your self-signed cert is not trusted.

2. Choose "Continue to this website (not recommended)".

You should then be presented with your OWA logon page.

3. Click on "Certificate Error" beside the address bar and select view certificates.

If you do not see the Install Certificate option close IE7 and then right click on IE7 and choose run as administrator and load the page again.

4. Once you have the install certificate button available, select "Install Certificate".

5. This will launch the Certificate Import Wizard. Make sure to choose the option "Place all certificates in the following store" and select browse.

6. Select Trusted Root Certification Authorities and click Ok.

7. Click Finish on Completing the Certificate Import Wizard

8. Click yes on the security warning to install the certificate

9. If you want to verify the Certificate has been installed you can load the certificates snap in and you should see it under Certificates -Current User-Trusted Root Certification Authorities-Certificates.

Note:

(1) You can also copy it to the local computer's certificate store so it applies for all users that use the machine.

(2) You can create a group policy object and import this certificate into "Computer Settings\Windows Settings\Security Settings\Public Key Policies\Trusted Root Certification Authorities".  Link the GPO at the domain level to have it apply to all computers in the organization.

 

Comments
  • I followed these steps and even went into the Snap-in and copied the cert to the local computer Trusted Root Certification Authorities\Certificates store and I am still being warned that the Cert is not trusted.  

  • I had this problem also but I did get it working.

    Make sure to run IE7 as administrator. (right click icon)

    When installing the certificate choose "show physical stores" and install to the local computer.

    Restart the browser to test the installation.

  • I am still having problems after installing the certificate as mentioned above on my laptop running Vista with IE7.  I have UAC turned off.  I also ran IE7 as administrator.  I can see the certificate has been installed but continue to get the warning when accessing the website.

    Any ideas?

    When I hit "Send" in OWA it hangs/crashes and IE7 gets restarted.  I have a feeling its related to the above problem.

    Regards.

  • PLgcbm r u crazzy? I told u! I can't read!

  • u1UpEb Cool, bro!

    http://groups.google.com/group/clock-screensaver/web/1

    [url=http://groups.google.com/group/clock-screensaver/web/1]clock screensaver[/url],

    <a href="http://groups.google.com/group/clock-screensaver/web/1">clock screensaver</a>

  • We were running Exchange 2003 SP2 and Outlook 2003/2007. Recently our ssl self cert was expired and exchange server also was configured with certificate authority. So we renew certificate by local certificate authority  and generate certificate for IIS.

    Now our remote users are not able to connect with rpc-over-https connection (some pc was joined with AD some are not) and mixing of Windows XP SP2 / outlook 2003 /2007 and Vista. I have install newly created *.cer to trusted root on client machines but no avail.

    Interestingly those Vista laptops I have recently joined with domain and configured outlook rpc-over-https  is working.

    I have been searching through web but no clue to resolve my issue. Appreciate if anyone can assist me.

    Thank you.

  • We were running Exchange 2003 SP2 and Outlook 2003/2007. Recently our ssl self cert was expired and exchange server also was configured with certificate authority. So we renew certificate by local certificate authority  and generate certificate for IIS.

    Now our remote users are not able to connect with rpc-over-https connection (some pc was joined with AD some are not) and mixing of Windows XP SP2 / outlook 2003 /2007 and Vista. I have install newly created *.cer to trusted root on client machines but no avail.

    Interestingly those Vista laptops I have recently joined with domain and configured outlook rpc-over-https  is working.

    I have been searching through web but no clue to resolve my issue. Appreciate if anyone can assist me.

    Thank you.

  • The best solution is puchase a ssl certificate from service provider for ur mailing solution.

    Enjoy

  • No one can solve a machine when i goes crazy *funny*

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment