Exchange 2013 Certificate Question

Similar Messages

• Exchange OWA Certificate Question

  Hello All
  I just have a question regarding exchange owa certificate which is about to expire. (owa.domain.com, autodiscover.domain.com, mail.domain.com )
  I have 
  Site one 
    Mailbox 2013 Server1
    CAS 2013 Server1
    Edge 2013
  Site 2
     Mailbox 2013 Server2
     Cas 2013 Server2
     Edge 2007
  Exchange high availability configured. On ECP I am seeing my OWA certificate about to expire on both CAS on the same day(same cert)
  I would like to create a new certificate, not renew as I have some old domains to remove from the cert.
  My question is, when I create the the new request from ECP - Cas Server1, send to the CA and then install the, how will this reflect for the certificate that is expired on CAS server2? 
  Thanks

  Hi nricki,
  Agree with Hinte, you can export the new certificate which was created in CAS1 server and then import it to CAS2 server.
  The following article for your reference:
  How to Export/Import an SSL Certificate to Multiple Exchange 2013 Servers
  Best regards,
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Niko Cheng
  TechNet Community Support

• Exchange 2013 Certificates for Hybrid Deployment Clarification

   I have an Exchange 2013 servers (CAS and Mailbox on separate server) which I wanted to setup for Hybrid deployment. I already have a certificate acquired from 3rd party with 3 names (mail, autodiscover and owa). the certificate was installed in the
  CAS server. As per the hybrid deployment documentation I need also to install a certificate in the mailbox server, questions:
  1. Can I use the same certificate for installation in the mailbox server?
  2. Can I also use the same certificate in the Hybrid Configuration wizard for the "certificate to use with securing the hybrid mail transport"?
  3. Do I need to include the primary smtp domain (xxxxx.com) in the certificate since current configuration points to the mail.xxx.com as the certificate common name?

  Hi,
  Here are my answers you can refer to:
  1. It depends.
  The certificate used for hybrid secure mail transport must be installed on all on-premises Exchange 2013 Mailbox and Client Access servers.
  If you're configuring a hybrid deployment in an organization that has Exchange servers deployed in multiple Active Directory forests, you must use a separate third-party CA certificate for each Active Directory forest.
  2. Yes. But we recommend that you use a dedicated third-party certificate for any optional AD FS server, another certificate for the Exchange services for your hybrid deployment, and if needed, another certificate on your Exchange servers for other needed
  services or features.
  3. Yes. Here are the minimum suggested FQDNs that should be included on certificates: domain.com, autodiscover.domain.com, edge.domain.com
  For more information, you can refer to the following article:
  http://technet.microsoft.com/en-us/library/hh563848(v=exchg.150).aspx
  If you have any question, please feel free to let me know.
  Thanks,
  Angela Shi
  TechNet Community Support

• MS Exchange 2013 certificate error.

  we just setup Exchange 2013 but I cant configure outlook . it brings two error messages.
  1. There is a problem with a proxy server's security certificate. the name on the certificate is invalid or does not match the name of the target site.
  2. The connection to Microsoft exchange is unavailable. outlook must be online or connected to complete this action

  Hi Stefo266,
  Great checklist from S.Nithyanandham.
  Which method do you setup your Exchange account into Outlook?Automatically or manually? If failed to setup account automatically, please try to setup manually.
  Thanks
  Mavis Huang
  TechNet Community Support

• Exchange 2013 Migration Questions

  Exchange 2013 SP1 to a new server. I just realized that I have been asking migration questions on the "general" forum. Here's the deal:
  We just want to move to a newer server and reuse the "old" server as a DAG member. We have a production exchange 2013 SP1 server and I found that the DB is not on a RAID'ed drive. So, we purchased a server. I installed 2012 R2 and all windows updates.
  Then installed exchange 2013 SP1. Then got our AS/AV software installed. When I boot the new server up and login to ECP, it sees all the exchange users, DB and info. So, I followed:
  http://technet.microsoft.com/en-us/library/dd876926(v=exchg.150).aspx
  to migrate users and current email to the new DB. However, when users logged in their current email was not there. I also tried to use the ECP migration option and this resulted in the same, users old email was not in their inbox. So I had to perform that
  same process on the old DB to get users old email back. I then tried to use the migration option in the ECP->same issue. So as of now, we are on the old DB and things are working fine.
  According to:
  http://technet.microsoft.com/en-us/library/aa997006(v=exchg.65).aspx
  When moving from server to server, the DB filename must be the same. The non-production server does not have the same DB filename. Could this be the problem? Could someone point me to documentation on migrating from server to server

  So I ran Get-Mailbox -Database “Source Database Name” " -ResultSize Unlimited | New-MoveRequest -TargetDatabase “Target Database Name” and moved all the user mailboxes. Then moved the system mailboxes, public folders and
  OAB. Adjusted send connector to reflect new server. Log in as a user, all email is there. Great! Dismount the old DB. Wait a few minutes and user email is still there. Woohoo! Shut down the old exchange server and a few minutes later, all email is gone. Boo!
  Boot the old server back up and mount the old DB, all email is back in user inbox. How do I use only the new DB in exchange 2013?
  So I just dismounted the old DB and all email stays in users inbox?! So it must be something with the old server that did not get moved over but for the life of me I cant figure out what

• Exchange 2013 Archiving question

  Hi all,
  I have a question on Exchange 2013 Archiving. 
  In the Default MRM Policy it has the Default 2 year move to archive tag. 
  When this runs it moves any emails over 2 years old to the users Archive mailbox. 
  I also know it will recreate the folder structure that was in the inbox. 
  My question is once it's moved to the users Archive what policy is applied to the emails and folders by default? 
  When you look at them it just says Using Parent folder Policy. 
  Would the parent folder be the Archive - %username it's self?  Or is nothing applied and the users must go in a assign a tag to it?
  Thanks

  Hi,
  If you apply one retention policy to a mailbox, then this retention policy will be applied to the primary and archive mailbox, this means that the archive mailbox have the same retention policy as primary mailbox.
  Here is an example to help you to understand this.
  You can use a DPT with the Move to Archive action to move items to the archive mailbox in two years, and a DPT with a deletion action to remove items from the mailbox
  in seven years. Items in both primary and archive mailboxes will be deleted after seven years.
  You can refer to the following article for more information.
  http://technet.microsoft.com/en-gb/library/dd297955(v=exchg.150).aspx
  Best regards,
  Belinda Ma
  TechNet Community Support

• IBM Domino to Exchange 2013 Migration question

  I've been tasked with looking into migrating our company of 5500+ Domino users to Exchange 2013.  Currently, my Domino servers spread across the county and not all in one location.  Is there a document/guide that can help me get an understanding
  on what type of environment I can take my hub/spoke Domino environment to in Exchange?  Any guidance would be appreciated. Thanks!

  hi Hoss,
  I have done couple of Migrations from Domino to Exchange Migrations and pretty familiar with this. For this to happen, you have to use a third party tool like Quest or Binary Tree.
  Since you said, 5500+ users, I would recommend you using one of the quest or binary tree tools to assist you with this migration. The key to the migration is the design and planning phase.
  I am familiar with Quest tools and will give you as much as i know but I am sure every other tool out there is pretty similar in terms of functionality.
  you have to purchase Quest licenses and for quest to be installed on your server, you have to go through Quest Professional services or a Quest approved vendor. You cannot install Quest on your own - this is a small drawback that I personally think.
  While your Quest servers are being setup, you have to plan out your Exchange server design and for a 6000 user mailbox, you wont have a big of a deal. I need the hardware information that you have purchased for the Exchange servers? are you going
  to go physical or virtual? I need to know the user message profile in your existing domino environment (how many emails sent/recived /size per day/per mailbox)? I also need your inputs on how many servers are you planning with Exchange 2013 in total (all roles),
  Do you need single item recovery? Do you have any storage contrains? and a 100+ questions. If you get me the answers for what I asked, I am willing to help you with the design fo Exchange 2013.
  Re: Domino:
  What version of domino are you running? What is your max mail file size? how many mailboxes (person documents) how many mail-in databases? how is your user account provisioning currently designed? and so on. user account provisioning could be a challenge
  because you have to introduce a 3rd party app like FIM or CA's User Management apps to work between your Domino and Exchange (during the time of coexistence) and there is a lot to it.
  All the best!
  Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Regards, Siva

• Certificate for Exchange 2013

  Hi
  Do I need to import certificate on mailbox servers

  Agree with Adam. You can go through below article series on managing certificates in Exchange 2013.
  Managing Certificates in Exchange Server 2013 (Part 1)
  Also check below...
  ---- One key difference between Exchange 2010 and Exchange 2013 is that the certificates that are used on the Exchange 2013 Mailbox server are self-signed certificates. Because all clients connect to an Exchange 2013 Mailbox server through an Exchange 2013
  Client Access server, the only certificates that you need to manage are those on the Client Access server. The Client Access server automatically trusts the self-signed certificate on the Mailbox server, so clients will not receive warnings about a self-signed
  certificate not being trusted, provided that the Client Access server has a non-self-signed certificate from either a Windows certification authority (CA) or a trusted third party. There are no tools or cmdlets available to manage self-signed certificates
  on the Mailbox server. After the server has been properly installed, you should never need to worry about the certificates on the Mailbox server. ---- Exchange 2013 certificate
  management UI
  Blog |
  Get Your Exchange Powershell Tip of the Day from here

• Exchange 2010 coexist with exchange 2013

  Hi All ,
  Planning to have a coexistence scenario in my environment which is mentioned below
  Exchange 2010 - ambiguous url in place - OA enabled 
  For mapi/rpc traffic - mail.domain.in -  exchange 2010
  For https traffic - mail.domain.in - exchange 2010
  mail.domain.in will get resolved in to cas array in exchange 2010 .
  After coexistence On our side we are not going to move the mail.domain.in namespace to exchange 2013 , Instead of that we are going to use a new namespace in exchange 2013 for internal outlook anywhere and it will be outlookmail.domain.in and for the remaining
  exchange 2013 services like pop,imap,owa,active sync url's,external OA will be having mail.domain.in as same as exchange 2010 namespace.
  just consider outlookmail.domain.in is available on the san certificate installed in exchange 2013.
  Note : 
  On my ide I would assume Internal outlook 2010 mapi users will connect directly to exchange 2010 servers on the namespace mail.domain.in
  Likewise i would assume Internal outlook anywhere 2013 users will connect directly to exchange 2013 servers on the namespace outlookmail.domain.in
  Services like pop,imap,owa,active sync ,external OA connections for both exchange 2010 and exchange 2013 from the external world will be routed from firewall to exchange 2013 servers .Then https traffic for exchange 2010 mailbox users will be proxied to 2010
  exchange server via exchange 2013 server.
  question : I would like to know above mentioned scenario is possible or not ?
  On my side I know in my environment i am having ambiguous url's in place and at the same time i don't want the exchange 2010 internal outlook users to connect via exchange 2013 rpc over http even though OA is enabled on exchange 2010.
  So simply i can say i need my internal exchange 2010 mailbox users has to connect via tcp/ip.
  All of you tell me your valuable suggestions.
  Regards
  S.Nithyanandham

  Hi,
  Going Straight to the point... and answering your question...
  The scenario above IS possible For a while... But going ahead in the migration process, You'd face problems once the Exch2013 doesn't know how to handle MAPI connections:
  As per Exchange Team...
  In this scenario where both the MAPI/RPC and HTTP workloads are using the same FQDN you cannot successfully move the FQDN to CAS 2013 without
  breaking your MAPI/RPC client connectivity entirely. I repeat, your MAPI/RPC clients will start failing to connect via MAPI/RPC once
  their DNS cache expires after the shared FQDN is moved to CAS 2013.
  As their recommendation, and I would tell you too by experience, the best option is to really use different internal and external URLs for the clients to connect to.
  change your design to use a specific internal-only FQDN for MAPI/RPC clients. If you are in the middle of a 2010 deployment using an Ambiguous
  URL I recommend you change your ClientAccessArray FQDN to a unique name and update the mailbox database RpcClientAccessServer values
  on all Exchange 2010 mailbox databases accordingly. Fixing this item mid-migration to Exchange 2010 or even in your fully migrated environment will ensure any newly created or manually repaired Outlook profiles are protected, but it will not automatically
  fix existing Outlook clients with the old value in the server field. 
  So the overall for this first point is to enable the OA for all internal users, so as to ease the migration process in the future, even if for the time being its not necessary.
  Also another point you should take into consideration is the version of yours OLK versions, as the minimum supported are as per below:
  Outlook 2007: 12.0.6665.5000 (SP3 + the November 2012 Public Update or any later PU)
  Outlook 2010: 14.0.6126.5000 (SP1 + the November 2012 Public Update or any later PU)
  Outlook 2013: 15.0.4420.1017 (RTM or later)
  I don't know the size of you network, but it might be necessary for you to use an inventory tool in order to identify that.
  As advised, its really worthy to have a look at the following article, thus to clarify your view about this issue.
  Ambiguous URLs and their effect on Exchange 2010 to Exchange 2013 Migrations
  From <http://blogs.technet.com/b/exchange/archive/2013/07/17/3574451.aspx> 
  Hope it can help you!
  Cheers,
  Think before you ask, give detail as much as possible, then ask and you will get help! Always have in mind, people do not guess! :)

• Exchange 2007 migration to Exchange 2013

  Hello Exchange experts,
  I’m Planning an Exchange migration (EX07 to EX13) and despite to have read many many tutorials and technet opinions, I cannot see the correct path to migrate. I hope someone can help me.
  - Actual Infrastructure:
       1 Physical server (SERVER_08): DC + Exchange 2007. IP: 192.168.1.10
  - Future Infrastructure:
       1 Physical Server (SERVER_2012R2): DC, GC, FS. IP: 192.168.1.50
       1 Physical Server (EX2013): CAS,Mailbox. IP: 192.168.1.51
  My questions come once I’ve prepared the squema and I have to start with the Exchange Migration. As far as I know, I think the steps and infrastructure behavior will flow in this way:
  Initial State: Only one Exchange2007 installed and all the clients point to this server, and thus in this moment the value of SCP is the initial Exchange Server SERVER_08.
  In SERVER_08 there is one self-certificate with this names: SERVER_08.test.local and SERVER_08 and all the Outlook clients and Windows Phones use this certificate. This works perfectly.
   I install a secondary Exchange (EX2013) in a new server but in the same internal domain (test.local).
  Once the second Exchange server is installed, the SCP is automactly updated with the new SCP pointing to this Exchange 2013 (EX2013).
        So that the clients don’t give them
   a prompt message, the SCP must be changed with PowerShell to point the initial    Exchange Server (SERVER_08). (Right?)
   Create a A register (mail.test.local) pointing to the new Exchange 2013 (EX2013 - 192.168.1.51).
          At this point, I understand that the clients can coexist with both Exchange Servers (EX07/EX13) and no one will be prompted with new certificate issues. Right?
  Once the Mailbox Databases/Connectors are migrated to the new exchange 2013, I need to modify again through PowerShell the SCP value with the new EX2013
   (mail.test.local).
  When the clients open again the Outlook client, will be prompted to agree the new Exchange 2013 certificate and
  everything will work fine during the next 5 years (Exchange 2013 self-certificate lifetime).
  I’ve been reading many tutorials and I want to make sure the steps until coexist both Exchange works fine, and obviously
   if the experts can suggest me something.
  Thanks in advance
  Best Regards
  Tecnico Superior de Sistemas

  There a few things missing in here like the legacy URL specifics, and Outlook client version requirements (do not overlook Outlook, or it will bite you).
  I'm curious about this bit "When the clients open again the Outlook client, will be prompted to agree the new Exchange 2013 certificate and
  everything will work fine during the next 5 years (Exchange 2013 self-certificate lifetime).  "
  You should not be advocating the use of self signed certs, they are not supported for Outlook Anywhere.  Even if this is testing, install a Windows CA and use that to issue certs of
  get a cheap commercial one. 
  Training users it is OK to click here to see the dancing pigs never bodes well :)
  Cheers,
  Rhoderick
  Microsoft Senior Exchange PFE
  Blog:
  http://blogs.technet.com/rmilne 
  Twitter:   LinkedIn:
    Facebook:
    XING:
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• Exchange 2013, Lync 2013, PKI,

  http://social.technet.microsoft.com/wiki/contents/articles/15037.ad-cs-step-by-step-guide-two-tier-pki-hierarchy-deployment.aspx?PageIndex=2&wa=wsignin1.0&CommentPosted=true
  Hi,
  I would like to implement this 2-tier PKI, but for Windows Server 2012 R2 & Windows 8.1 ENT.
  I tried to do the win2013 pki but it failed to validate Exchange 2013 certificate, and a lot more problems, but this article seem very stable and working.
  Just a few questions:
  this is just for test, my setup will be:
  External Domain: test2013.cu.cc   (free cu.cc domain)
                               name servers: NS1.he.net to NS5.he.net
  External Domain: test2013.com (secondary domain, not really needed, from godaddy.com)
                               A   72.252.214.6
                               MX 5 mail2.test2013.com
                     mail2  A  72.252.214.7
                     7        PTR mail2
                     6        PTR test2013.com
  External DNS: dns.he.net (free from he.com. Control all dns stuff for test2013.cu.cc)
            test2013.cu.cc  A  72.252.214.6
                            MX 5 mail.test2013.cu.cc
                            TXT "v=sfp1 mx ipv4:72.252.214.7 mx:test2013.cu.cc mx:test2013.com -all"
                            SPF "v=sfp1 mx ipv4:72.252.214.7 mx:test2013.cu.cc mx:test2013.com -all"
            mail            A 72.252.214.7
          # 72.252.214 rdns (reverse dns use standard octet)
           6                 PTR  test2013.cu.cc
           7                 PTR  mail.test2013.cu.cc
  Internal Domain: test2013.lan
                              A   192.168.0.3
                              NS 192.168.0.3
                              MX  5 mail.test2013.lan
                 mail   A     192.168.0.5
                 DC1     A   192.168.0.3
                 APP1  A   192.168.0.4
                 firewall  A  192.168.0.1
                 lync1    A   192.168.0.6
                lync2    A    192.168.0.7
  Software used:
  Windows Server 2012 R2
  Exchange 2013
  Lync 2013
  VM1 = firewall (clears 5.2)   nic1=72.252.214.6 nic2=72.252.214.7 nic3=192.168.0.1
  VM2 = DC1 (AD/DOMAIN/DNS/DHCP) nic1=192.168.0.3
  VM3 = CA (offline CA) nic1=192.168.0.2 (not connected)
  VM4 = APP1 (Issuing CA) nic1=192.168.0.4
  VM5 = mail (Exchange 2013 CU3) nic1=192.168.0.5
  VM6 = lync1 (Lync 2013 front server) nic1=192.168.0.6
  VM7 = lync2 (Lync 2013 edge server) nic1=192.168.0.7 nic2=72.252.214.8
  How do I setup this infrastructure with all info information provided.
  How to make Exchange 2013 and Lync 2013 live as one on this network.
  How to pass mxtoolbox.com  spf-test, smtp-test, reverse-dns-test  and spam-test.
  How to make Exchange 2013 send all emails immediately, and not put it in draft when you click send.
  How to make exchange 2013 & Lync 2013 certificate from the PKI setup VALID.
  How to make external user access there mailbox using outlook 2013.
  How to make external user access there lync account using lync client & outlook 2013.
  How to fix "Move to DRAF, when click on send" ?

  Hi Fbifido,
  From your description, I would like to clarify the following things:
  1. Exchange 2013 is not supported to run on Windows Server 2012 R2.
  2. For Windows-based users, computers, and services, trust in a CA is established when there's a copy of the root certificate in the trusted root certificate store and the certificate contains a valid certification path. For the certificate to be valid,
  the certificate must not have been revoked and the validity period must not have expired.
  What's more, here is a helpful article for your reference.
  Digital Certificates and SSL
  http://technet.microsoft.com/en-us/library/dd351044(v=exchg.150).aspx
  Besides, in order to avoid confusion and keep track of troubleshooting steps, we usually troubleshoot one issue per thread.
  Hope it helps.
  Best regards,
  Amy
  Amy Wang
  TechNet Community Support

• Exchange 2013 & Exchange 2007 Coexsistance

  We are in the process of migration from Exchange 2007 & Exchange 2013. Question is after decommision all last Exchange 2007 servers, if i want to restore mailbox data from 2007 database will i be able to install new Exchange 2007 server and perform restore.
  Question: Is it possible to install Exchange 2003 or 2007 in a pure Exchange 2010 organization?
  Answer: If this is an Exchange 2010 greenfield environment (an Exchange organization that consists only of Exchange 2010 servers and never had previous versions of Exchange deployed), the answer is no.If
  you have transitioned from Exchange 2007 to Exchange 2010 and the last Exchange 2007 server has already been decommissioned, the answer is again no. You will not be able to install Exchange 2007 at a later time in this organization because
  it’s now considered a pure Exchange 2010 organization.
  Please suggest, what all possible conditions I CANNOT INSTALL NEW EXCHANGE 2007 in my organization later.

  Hello,
  You're right. I'm afraid that there is no way to install pervious exchange version in exchange 2010/2013 organization.
  You can try Ed's suggestion.
  I don't know why you want to restore mailbox data from 2007 database.
  Cara Chen
  TechNet Community Support

• Move Exchange 2013 installation to new virtual machine

  Currently have: 1 virtual server - Server 2012 (DC, Global Catalog), Exchange 2013 CU1 installation (yes I know- dont install Exchange on DC etc etc ... ). Server2012/Exchange2013 is installed on one VMDK, EDB and logs are saved on another VMDK.
  Want to do: Create second virtual machine and install Server 2012 (different name), add it as a member to the same domain (also in the same network), install Exchange 2013, move all mailboxes to the new server, uninstall the old Exchange 2013. 
  Question is- is it possible to somehow unmount the existing database (I am only using one database for mailboxes and public folders) and mount it to the new server or do I have to create a new database on the new server and move the mailboxes there? I've
  heard that the Exchange EDB databases were supposed to be portable between same versions of Exchange. 
  Any advice is appreciated. 

  Hi,
  Agree with Andy, to avoid down time, we can depend on database portability.
  And here are the steps you can refer to:
  1. Install new Exchange server on the member server.
  2. Move Mailbox Database using Database Portability:
  http://technet.microsoft.com/en-us/library/dd876926(v=exchg.150).aspx
  3. Move the public folders (if any), re-home the offline address book, and move your SMTP connectors
  http://support.microsoft.com/kb/822931
  4. Remove the old Exchange server.
  Thanks,
  Angela Shi
  TechNet Community Support
  Thanks for the reply.
  I'm a bit confused on the instructions from
  http://technet.microsoft.com/en-us/library/dd876926(v=exchg.150).aspx- does step 4 instruct me to overwrite the newly created database (on the new server) with the old database and then mount it on the new server? Also, as the public folders are now in
  a mailbox on the same database- aren't they moved with the database without extra hassle?
  Also the link you gave me in Step 3 in your post refers to Exchange 2003.
  Thanks in advance.

• Exchange 2013 don't unassign IIS Services from Certificate Self-Sign

  Hi,
  I Imported a new Public certificate to Exchange 2013 SP1 and assigned IIS Service, but IIS service keep assign to certificate self signed. Now, I have ISS services
  assigned in two certificate (self signed and public certificate), someone have seen it? What do I do now?
  Another question, Can I remove self-signed certificate? Is it any one service tied to Exchange?

  Hi,
  If possible, please provide more parameters(Status, IsSelfSigned etc.) about the certificate with IIS service:
  Get-ExchangeCertificate -Thumbprint
  382E9DCC4CCA38DA488345F7B46114BA91EBB8F0 | FL
  Get-ExchangeCertificate -Thumbprint
  86EE0029EBC8FDCC9F98572602E69F65226BAB76 | FL
  Please restart IIS service by running iisreset /noforce from a command prompt window. If the public certificate is configured correctly and has included all namespaces used for all Internal and external Exchange connections,
  we can remove the self-signed certificate safely.
  Thanks,
  Winnie Liang
  TechNet Community Support

• Exchange 2013 autodiscover finds external & internal SSL certificate causing autodiscover to fail

  <p>Hi:</p><p>I'm currently working on a windows 2012 server, with exchange 2013, lets say our internal domain is "cars.com" and ALSO the case for&nbsp;our external domain. We have purchased an SSL wildcard positive certificate
  *.cars.com so that we could configure Outlook Anywhere, we have created the needed DNS records at godaddy and our internal server, OWA, ECP it all works if you go to&nbsp; <a href="https://bird.cars.com/owa">https://bird.cars.com/owa</a>
  because we have a DNS record for bird in godaddy and out local server, so all of that is working like a pro ! here comes the tricky part, our website is registered in godaddy but hosted by someone else a company called poetic systems; when we test the connection
  with the remote connectivity analyzer website we get a very peculiar error that says SSL certificate not valid, now it provides the name of the certificate it found and is not ours, we found that the hosting company is listening in port 443, therefore, it
  is pulling their self signed certificate also, does anyone have a fix for this, I have done this same setup before for other companies and this is the first time a situation like this happens. I REALLY NEED HELP !!!!!</p>

  Hi,
  According to your description, there is a certificate error when you test Outlook Anywhere connection by ExRCA.
  If I misunderstand your meaning, please feel free to let me know.
  And to understand more about the issue, I’d like to confirm the following information:
  What’s detail error page?
  Check the Outlook Anywhere configuration: get-outlookanywhere |fl
  Check the certificate : get-exchangecertificate |fl
  If you have any question, please feel free to let me know.
  Thanks,
  Angela Shi
  TechNet Community Support