Exchange 2007 Wildcard Certificate Supported in iPhone?

Does the iphone support the use of a wildcard certificate?
Our exchange infrastructure utilises a wildcard (*.companyname certificate) from godaddy. All the windows mobile 6.0 devices work fine however I know that windows mobile 5.0 did not support wildcard certificate, any help would be good.
Thanks.

I've manually installed the client based certificate on the iPhone (a wildcard from Network Solutions), no dice.
Going to try using the server's cert this time...

Similar Messages

  • Exchange 2007 Webmail certificate Renewal

    Hi,
    If any one knows more details about how to renew the webmail certificate in Exchange 2007, Webmail certificate is ging to expire soon ...EventID 12018

    You can use powershell cmdlet Import-ExchangeCertificate to renew the certificate.
    To enable the certificate, execute Enable-ExchangeCertificate -Services IMAP,POP,IIS,SMTP -Thumbprint <cert-thumbprint-here>
    For more info, visit
    https://www.digicert.com/ssl-certificate-renewal-exchange-2007.htm

  • How to export an exchange 2007 owa certificate from production to lab environment

    I'm setting up an Exchange 2007 Lab but I have a trouble regarding exchange's certificate
    Note: My lab environment is not conected to internet
    I've followed the next link but it doesn't work
    https://www.digicert.com/ssl-support/pfx-import-export-exchange-2007.htm
    Once I finished all the steps if I run the next powershell command get-excahangecertificate I see that my exchange certificate has the status as unknown
    I'm not sure if the problem is related with the server is not conected to internet, so exchange is not be able to check the status of the certificate.
    I've tried to turn off the Check for publisher’s certificate revocation option on the server
    To do this, follow these steps.
    Start Internet Explorer.
    On the Tools menu, click Internet Options.
    Click the Advanced tab, and then locate the Security section.
    Click to clear the Check for publisher’s certificate revocation check box, and then click OK.
    After the update rollup installation is complete, turn on the Check for publisher’s certificate revocation option.
    But it still not working
    Could anyone help me?
    Thanks in advance

    Hi Pardo,
    According to your description, I understand that the exchange certificate cannot work and display unknown status after import it.
    If I misunderstand your concern, please do not hesitate to let me know.
    Depending on the results of “Get-ExchangeCertificate | FL”, please pay attention to following points:
    1. RootCAType: Registry
    “An internal, private PKI root CA that has been manually installed in the certificate store.”
    2. Status: Unknown
    “This status generally indicates that the status of the certificate cannot be verified because the certificate revocation list (CRL) is unavailable or this server cannot connect to it.”
    The reason why it failed is that internal Exchange server cannot connect to CRL. As you mentioned, exchange can’t be able to check the status of the certificate.
    More information about Certificate Use in Exchange Server 2007, please refer to
    Certificate Fields and Configuring Access to the Certificate Revocation List
    section in below link:
    http://technet.microsoft.com/en-us/library/bb851505(v=exchg.80).aspx
    However, we can renew a certicate from local CA:
    http://technet.microsoft.com/en-us/library/bb310781(v=exchg.80).aspx
    Best Regards,
    Allen Wang

  • Exchange 2007 SP1 with GoDaddy Cert - iPhone cannot verify cert

    Hi Everyone,
    My school has just moved to Exchange 2007 and I'm trying to connect my iPhone to it. We haven't changed any settings on the Exchange server really that relates to ActiveSync (at least as far as I can tell). We're using a GoDaddy wilcard SSL cert with the site for OWA and (I hope) ActiveSync.
    From what I can see, Apple has included all of the GoDaddy Intermediate and Root certs in OS 3. I have manually installed these certs again on my iPhone (the one I'm testing with) by emailing them to myself. This hasn't helped with the issue...
    When trying to add the Exchange account on the iPhone I'm getting an "Unable to Verify Certificate" error. The error makes no mention of autodiscovery (which it should be using), so I'm not sure if it has anything to do with that. I'm really not sure what to do at this point since we're all new to Exchange, and I only have used my iPhone through Exchange with Google in the past.
    Thanks,
    -MRCUR

    Ever hear anything back on this? I too have an iPhone (3G) and would like to connect it to a GoDaddy Exchange server. No luck so far.

  • Wildcard certificates supported by ACE

    We are considering the use of wildcard certificates for our environment. Is this supported by the ACE when using SSL offloading ?
    regards,
    Sebastian

    be aware that certain mobile device do not support them I believe windows mobile 5.0 is one of them.

  • How to view Exchange 2007 Public folders, calender on iphone

    How to view Exchange 2007 public folders mainly the calenders on the iphone?

    Not possible.
    Sent from my iPad.

  • Exchange 2007 Renew Certificate via IIS Manager

    I am currently in the process of renewing the Exchange 2007 certs and have searched through forums in regards to this topic and can't seem to come across a proper answer. Is it possible to renew the Exchange 2007 cert using the IIS Manager or is Powershell
    the only way of doing so? Under the "IIS Manager > expanding server name > expand websites > default website properties > Directory Security > Server Certificate" you are presented with the option to renew the existing cert. This to
    me seems a lot easier than using shell to request a whole new cert. I am not a fan of the how Powershell can be a bit destructive when requesting a new cert and overwriting the existing one leaving your little ways of backing out if something goes wrong. Can
    someone confirm if using IIS manager is a viable way of renewing the Exchange 2007 cert. I prefer to keep the exact settings of the existing certificates.
    Thank you,
    Emmanuel
    Emmanuel Fumero Exchange Administrator

    Hi
    Yes its possible in Exchange  2010 through EMC . Not sure if this works in Exchange 2007 since i haven't tried renewing through GUI in exchange 2007 and currently do not have any customers running e2k7 to check this option. Probably you can give it
    a try in Exchange 2007 and see if these options are visible. Please check the following,
    When you right-click your Exchange Server, you can select New Exchange Certificate, which will launch the New Exchange Certificate Wizard.
    After defining a friendly name, you are ready to provide all needed information:
    After clicking Finish, you will have a certificate request that you can use ti get a certificate from your own CA, or from an external CA. The Exchange Management Console will show the request as well
    1.Start the Exchange Management Shell. Click Start > Programs > Microsoft Exchange Server 2007, and then click Exchange Management Console.
    2.Click the link to "Manage Databases", and then go to "Server configuration".
    3.Select your certificate from the menu in the center of the screen (The certificate will be listed by the Friendly Name you chose when creating the CSR), and then click the link in the Actions menu to "Complete Pending Request".
    4.Browse to the certificate file you just copied to your server, then click Open > Complete.
    URGENT!! You may receive the following error: "The source data is corrupted or not properly Base64 encoded." You can ignore this error
    5.Press F5 to refresh the certificate list. Verify that it says "False" under "Self Signed".( if its 3rd party or feom CA)
    6.To enable your certificate, return to the Exchange Management Console and click the link to "Assign Services to Certificate."
    Hope this helps
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as
    Answer” if a marked post does not actually answer your question. This can be beneficial to other
    community members reading the thread.
    Regards
    Sathish

  • Exchange 2007 Autodiscover certificate mismatch

    Hello, the company that I work for is trying to switch from Exchange 2007 SP1 to Office 365.  However, when we try the cutover migration, 365 doesn't recognize our Exchange server.  After a bit of research, I discovered that there is a certificate
    mismatch that is causing the problem.  
    I've been searching for a way to solve this problem for a couple of days now and have not yet found a solution.  We'd like to keep the autodiscover location, but change the certificate that is bound to it.  We
    have a matching certificate installed, but for some reason, Autodiscover keeps pointing toward the wrong certificate (that doesn't even exist).
    Any help would be greatly appreciated

    We purchased new certs from GoDaddy and inserted them into exchange (overwriting the old certs and CAs), and this seemed to correct the certificate mismatch.  However, when I run the Remote Connectivity Analyzer, I get this:
    Connectivity Test Failed
    Test Details
    <input class=" __ecpStyleButton" id="testSelectWizard___CustomNav3_buttonStartOver" name="testSelectWizard$__CustomNav3$buttonStartOver"
    style="padding:8px 8px 8px 29px;text-align:left;border-style:none;cursor:pointer;background-image:url(https;background-background-repeat:no-repeat;" type="submit" value="Start Over" /><input class=" __ecpStyleButton"
    id="testSelectWizard___CustomNav3_buttonRunAgain" name="testSelectWizard$__CustomNav3$buttonRunAgain" style="padding:8px 8px 8px 29px;text-align:left;border-style:none none none solid;cursor:pointer;border-left-color:#cccccc;border-left-width:1px;background-image:url(https;background-background-repeat:no-repeat;"
    type="submit" value="Run Test Again" />
    <input class=" __ecpStyleButton" id="testSelectWizard_ctl12_btnExpandAll" name="testSelectWizard$ctl12$btnExpandAll" style="padding:8px 8px 8px 29px;text-align:left;border-style:none
    solid none none;cursor:pointer;border-right-color:#cccccc;border-right-width:1px;background-image:url(https;background-background-repeat:no-repeat;" type="submit" value="Expand All" /><input class="ecpStyleButtonImageOnly
    __ecpStyleButton" id="testSelectWizard_ctl12_btnSaveXml" name="testSelectWizard$ctl12$btnSaveXml" style="padding-padding-bottom:6px;padding-text-align:left;border-style:none;cursor:pointer;background-image:url(https;background-background-repeat:no-repeat;"
    title="Save as XML" type="submit" value="" /><input class="ecpStyleButtonImageOnly __ecpStyleButton" id="testSelectWizard_ctl12_btnSaveHtml" name="testSelectWizard$ctl12$btnSaveHtml" style="padding-padding-bottom:6px;padding-text-align:left;border-style:none;cursor:pointer;background-image:url(https;background-background-repeat:no-repeat;"
    title="Save as HTML" type="submit" value="" />
    The Microsoft Connectivity Analyzer is attempting to test Autodiscover for [email protected].
    Testing Autodiscover failed.
    Additional Details
    Elapsed Time: 7624 ms.
    Test Steps
    Attempting each method of contacting the Autodiscover service.
    The Autodiscover service couldn't be contacted successfully by any method.
    Additional Details
    Elapsed Time: 7624 ms.
    Test Steps
    Attempting to test potential Autodiscover URL https://paidwarranty.com:443/Autodiscover/Autodiscover.xml
    Testing of this potential Autodiscover URL failed.
    Additional Details
    Elapsed Time: 1237 ms.
    Test Steps
    Attempting to resolve the host name paidwarranty.com in DNS.
    The host name resolved successfully.
    Additional Details
    IP addresses returned: 12.192.135.43, 50.232.20.50
    Elapsed Time: 129 ms.
    Testing TCP port 443 on host paidwarranty.com to ensure it's listening and open.
    The port was opened successfully.
    Additional Details
    Elapsed Time: 152 ms.
    Testing the SSL certificate to make sure it's valid.
    The certificate passed all validation requirements.
    Additional Details
    Elapsed Time: 342 ms.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server paidwarranty.com on port 443.
    The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
    Additional Details
    Remote Certificate Subject: CN=www.paidwarranty.com, OU=Domain Control Validated, Issuer: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
    Elapsed Time: 247 ms.
    Validating the certificate name.
    The certificate name was validated successfully.
    Additional Details
    Host name paidwarranty.com was found in the Certificate Subject Alternative Name entry.
    Elapsed Time: 1 ms.
    Certificate trust is being validated.
    The certificate is trusted and all certificates are present in the chain.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=www.paidwarranty.com, OU=Domain Control Validated.
    One or more certificate chains were constructed successfully.
    Additional Details
    A total of 1 chains were built. The highest quality chain ends in root certificate CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US.
    Elapsed Time: 39 ms.
    Analyzing the certificate chains for compatibility problems with versions of Windows.
    Potential compatibility problems were identified with some versions of Windows.
    Additional Details
    The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
    Elapsed Time: 5 ms.
    Testing the certificate date to confirm the certificate is valid.
    Date validation passed. The certificate hasn't expired.
    Additional Details
    The certificate is valid. NotBefore = 2/24/2014 3:11:57 PM, NotAfter = 2/24/2016 3:11:57 PM
    Elapsed Time: 0 ms.
    Checking the IIS configuration for client certificate authentication.
    Client certificate authentication wasn't detected.
    Additional Details
    Accept/Require Client Certificates isn't configured.
    Elapsed Time: 371 ms.
    Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
    Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
    Additional Details
    Elapsed Time: 241 ms.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://paidwarranty.com:443/Autodiscover/Autodiscover.xml for user [email protected].
    The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response.
    Additional Details
    A Web exception occurred because an HTTP 404 - NotFound response was received from IIS7.
    HTTP Response Headers:
    Content-Length: 5401
    Cache-Control: private
    Content-Type: text/html; charset=utf-8
    Date: Mon, 02 Mar 2015 14:58:45 GMT
    Server: Microsoft-IIS/7.5
    X-Powered-By: ASP.NET
    Elapsed Time: 241 ms.
    Attempting to test potential Autodiscover URL https://autodiscover.paidwarranty.com:443/Autodiscover/Autodiscover.xml
    Testing of this potential Autodiscover URL failed.
    Additional Details
    Elapsed Time: 5175 ms.
    Test Steps
    Attempting to resolve the host name autodiscover.paidwarranty.com in DNS.
    The host name resolved successfully.
    Additional Details
    IP addresses returned: 157.56.234.137, 157.56.244.217, 157.56.236.89, 157.56.232.9
    Elapsed Time: 327 ms.
    Testing TCP port 443 on host autodiscover.paidwarranty.com to ensure it's listening and open.
    The specified port is either blocked, not listening, or not producing the expected response.
     <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl01_ctl01_tmmArrow">Tell
    me more about this issue and how to resolve it</label>
    Additional Details
    A network error occurred while communicating with the remote host.
    Elapsed Time: 4847 ms.
    Attempting to contact the Autodiscover service using the HTTP redirect method.
    The attempt to contact Autodiscover using the HTTP Redirect method failed.
    Additional Details
    Elapsed Time: 995 ms.
    Test Steps
    Attempting to resolve the host name autodiscover.paidwarranty.com in DNS.
    The host name resolved successfully.
    Additional Details
    IP addresses returned: 157.56.234.137, 157.56.244.217, 157.56.236.89, 157.56.232.9
    Elapsed Time: 16 ms.
    Testing TCP port 80 on host autodiscover.paidwarranty.com to ensure it's listening and open.
    The port was opened successfully.
    Additional Details
    Elapsed Time: 111 ms.
    The Microsoft Connectivity Analyzer is checking the host autodiscover.paidwarranty.com for an HTTP redirect to the Autodiscover service.
    The redirect (HTTP 301/302) response was received successfully.
    Additional Details
    Redirect URL: https://autodiscover-s.outlook.com/Autodiscover/Autodiscover.xml
    HTTP Response Headers:
    Connection: close
    Pragma: no-cache
    Cache-Control: no-cache
    Location: https://autodiscover-s.outlook.com/Autodiscover/Autodiscover.xml
    Elapsed Time: 137 ms.
    Attempting to test potential Autodiscover URL https://autodiscover-s.outlook.com/Autodiscover/Autodiscover.xml
    Testing of this potential Autodiscover URL failed.
    Additional Details
    Elapsed Time: 729 ms.
    Test Steps
    Attempting to resolve the host name autodiscover-s.outlook.com in DNS.
    The host name resolved successfully.
    Additional Details
    IP addresses returned: 132.245.64.242, 132.245.3.130, 132.245.92.226, 132.245.82.50, 132.245.81.194, 132.245.81.130, 132.245.88.194
    Elapsed Time: 17 ms.
    Testing TCP port 443 on host autodiscover-s.outlook.com to ensure it's listening and open.
    The port was opened successfully.
    Additional Details
    Elapsed Time: 53 ms.
    Testing the SSL certificate to make sure it's valid.
    The certificate passed all validation requirements.
    Additional Details
    Elapsed Time: 221 ms.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover-s.outlook.com on port 443.
    The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
    Additional Details
    Remote Certificate Subject: CN=outlook.com, OU=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=WA, C=US, Issuer: CN=Microsoft IT SSL SHA1, OU=Microsoft IT, O=Microsoft Corporation, L=Redmond, S=Washington, C=US.
    Elapsed Time: 127 ms.
    Validating the certificate name.
    The certificate name was validated successfully.
    Additional Details
    Host name autodiscover-s.outlook.com was found in the Certificate Subject Alternative Name entry.
    Elapsed Time: 1 ms.
    Certificate trust is being validated.
    The certificate is trusted and all certificates are present in the chain.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=outlook.com, OU=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=WA, C=US.
    One or more certificate chains were constructed successfully.
    Additional Details
    A total of 1 chains were built. The highest quality chain ends in root certificate CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE.
    Elapsed Time: 38 ms.
    Analyzing the certificate chains for compatibility problems with versions of Windows.
    Potential compatibility problems were identified with some versions of Windows.
    Additional Details
    The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
    Elapsed Time: 5 ms.
    Testing the certificate date to confirm the certificate is valid.
    Date validation passed. The certificate hasn't expired.
    Additional Details
    The certificate is valid. NotBefore = 1/21/2015 10:45:26 PM, NotAfter = 1/21/2016 10:45:26 PM
    Elapsed Time: 0 ms.
    Checking the IIS configuration for client certificate authentication.
    Client certificate authentication wasn't detected.
    Additional Details
    Accept/Require Client Certificates isn't configured.
    Elapsed Time: 158 ms.
    Attempting to send an Autodiscover POST request to potential Autodiscover URLs.
    Autodiscover settings weren't obtained when the Autodiscover POST request was sent.
    Additional Details
    Elapsed Time: 277 ms.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to retrieve an XML Autodiscover response from URL https://autodiscover-s.outlook.com/Autodiscover/Autodiscover.xml for user [email protected].
    The Microsoft Connectivity Analyzer failed to obtain an Autodiscover XML response.
    Additional Details
    An HTTP 401 Unauthorized response was received from the remote Unknown server. This is usually the result of an incorrect username or password. If you are attempting to log onto an Office 365 service, ensure you are using your full User Principal Name
    (UPN).
    HTTP Response Headers:
    request-id: d823479c-c259-4474-8b3f-df60b4898533
    X-CasErrorCode: UnauthenticatedRequest
    X-FEServer: BY2PR12CA0033
    Content-Length: 0
    Cache-Control: private
    Date: Mon, 02 Mar 2015 14:58:53 GMT
    Set-Cookie: ClientId=GILRU7BQ40ROHZE90FEIA; expires=Tue, 01-Mar-2016 14:58:54 GMT; path=/; secure; HttpOnly
    Server: Microsoft-IIS/8.0
    WWW-Authenticate: Basic Realm=""
    X-AspNet-Version: 4.0.30319
    X-Powered-By: ASP.NET
    Elapsed Time: 276 ms.
    end
    I've enabled basic authentication on the RPC virtual directory on the Exchange CAS in IIS and then restarted IIS, as suggested in another forum (https://social.technet.microsoft.com/Forums/exchange/en-US/69d83444-0528-4e39-a5e9-eb9040501be1/remote-connectivity-analyzer-problem?forum=exchangesvr3rdpartyappslegacy)
    and am still getting the same results from the Remote Connectivity analyzer.
    On a side note, we have reviewed multiple Exchange Deployment Assistance, including the one that you referred to, and are attempting a cutover migration.

  • Exchange 2013 wildcard certificate - problem IMAP POP Because the matter is not a fully qualified domain name

    Hi all, I have an Exchange 2013 SP1, I have installed a third-party SSL certificate and correctly on the server, but when I assign the POP and IMAP services, I see this error
    The certificate with thumbprint XXXXXXXXX and subject '*. Xxxx.yyy' can not be used for POP SSL / TLS connections because the matter is not a fully qualified domain name (FQDN). Use the Set-POPSettings X509CertificateName command to set the FQDN of the service.
    I tried to run this command and restart the POP and IMAP services
    ImapSettings set-ca-server-1-X509CertificateName mail.xxxxx.yyy
    POPSettings set-ca-server-1-X509CertificateName mail.xxxxx.yyy
    But the POP and IMAP services, the certificate is not assigned.
    You know as you can solve
    regards
    Microsoft Certified IT Professional Server Administrator

    Hi,
    Before we go further, I’d like to confirm if you can use POP and IMAP properly.
    If everything goes well, we can safely ignore it:
    http://www.hsuconsulting.com/wildcard-ssl-certificate-exchange-2013-imap-and-pop-error/
    If not, we can try the following commands :
    Set-POPSettings -ExternalConnectionSetting {mail.domain.com:995:SSL}
    Set-ImapSettings -ExternalConnectionSetting {mail.domain.com:993:SSL}
    http://careexchange.in/how-to-enable-and-configure-pop-imap-in-exchange-2013/
    Note: Microsoft is providing the above information as convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information
    found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    If you have any question, please feel free to let me know.
    Thanks,
    Angela Shi
    TechNet Community Support

  • Exchange 2007 shared mailbox

    How do you connect an exchange 2007 shared mailbox to your iphone?  Normal "user" mailboxes work just fine.  Is this supported by Apple and or Microsoft?

    Hi
    You can not control this behaviour from Exchange. This is controlled by Outlook. 
    Outlook chooses the from address from what additional mailbox you are replying from (just as you see :-))
    There are a lot of registry tweaks for Outlook, but I don't think there are one to control this.
    I see 3 possible sollutions.
    1.    The users can choose them self 
    2.    You give the users "Send As" permissions on the mailbox
    3.    you use this tool
    http://www.ivasoft.biz/setfrom2013.shtml
    BR
    Steen

  • Edge 2013 External Wildcard Certificate

    Hi,
    I know this has been covered a number of times but I'd like something that's been posted more recently.
    We use Lync 2013 with a wildcard certificate on our edge external interface.  Everything works as expected and that's on version 5.0.8308.556
    I've recently deployed Lync 2013 at a customer site and when applying the certificate I'm unable to sign on externally or contact federated partners.  They're running 5.0.8308.577
    When testing from Lync connectivity tester I get the following:
    Attempting to resolve the host name blah.co.uk in DNS.
    The host name resolved successfully.
    Additional Details
    Testing TCP port 443 on host blah.co.uk to ensure it's listening and open.
    The port was opened successfully.
    Additional Details
    Testing the SSL certificate to make sure it's valid.
    The certificate passed all validation requirements.
    Additional Details
    Elapsed Time: 758 ms.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server blah.co.uk on port 443.
    The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
    Additional Details
    Validating the certificate name.
    The certificate name was validated successfully.
    Additional Details
    Certificate trust is being validated.
    The certificate is trusted and all certificates are present in the chain.
    Test Steps
    The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=*.blah.co.uk, OU=Domain Control Validated.
    One or more certificate chains were constructed successfully.
    Additional Details
    Analyzing the certificate chains for compatibility problems with versions of Windows.
    Potential compatibility problems were identified with some versions of Windows.
    Additional Details
    The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled.
    Elapsed Time: 4 ms.
    Testing the certificate date to confirm the certificate is valid.
    Date validation passed. The certificate hasn't expired.
    Additional Details
    The certificate is valid. NotBefore = 10/25/2013 2:46:03 PM, NotAfter = 10/25/2016 1:42:28 PM
    Elapsed Time: 0 ms.
    Testing remote connectivity for user [email protected] to the Microsoft Lync server.
    Specified remote connectivity test(s) to Microsoft Lync server failed. See details below for specific failure reasons.
     <label for="testSelectWizard_ctl12_ctl06_ctl03_tmmArrow">Tell
    me more about this issue and how to resolve it</label>
    Additional Details
    Couldn't sign in. Error: Error Message: Unknown error (0x80131500).
    Error Type: TlsFailureException.
    Elapsed Time: 1649 ms.
    Any help would be much appreciated!
    Thanks

    Hi,
    Wildcard certificate doesn’t support for Edge server (both external and internal interface). It is supported to use a public certificate for Edge external interface, for Edge internal interface typically use a private certificate issued by an internal certification
    authority.
    More details about certificate requirements for external user access:
    http://technet.microsoft.com/en-us/library/gg398920.aspx
    You can refer to the link below of “Wildcard Certificate Support”:
    http://technet.microsoft.com/en-us/library/hh202161.aspx
    Here is a similar case my help you:
    http://social.technet.microsoft.com/Forums/lync/en-US/6bd237eb-2e96-437b-b559-54cf95230417/lync-server-2013-edge-unknown-error-0x80131500-tlsfailureexception?forum=lyncdeploy
    Best Regards,
    Eason Huang
    Eason Huang
    TechNet Community Support

  • Unable to access public folders on Exchange 2007 when user mailbox is on Exchange 2013

    Hi
    I have coexistence with Exchange 2007 and Exchange 2013. I've moved a mailbox to Exchange 2013 and now cannot view the public folders on Exchange 2007. The error message I get is "could not connect to the public folder server. microsoft exchange is
    not available. either there are network problems or the exchange server is down for maintenance."
    Mailboxes on Exchange 2007 do not have any problems viewing public folders. I can't migrate users to Exchange 2013 until this issue is resolved.
    The IIS permissions to the Public virtual directory on Exchange 2007 is set to Intergrated Windows and Basic authentication.

    Hi northerly,
    I recommend you follow the steps below for troubleshooting:
    1. Please run the Get-OutlookAnywhere cmdlet to verify the Outlook Anywhere settings on Exchange Server 2013 Client Access servers.
    2. If "ExternalHostName" is set, and "ExternalClientAuthenticationMethod" is Negotiate, change "ExternalClientAuthenticationMethod" to something other than Negotiate.
    3. If "InternaClientlAuthenticationMethod" is set to Negotiate, and "InternalRequireSSL" is True, change "InternalClientAuthenticationMethod" to something other than Negotiate, or change "InternalRequireSSL" to False.
    What's more, here is a helpful KB for your reference.
    Users of Exchange Server 2013 or Exchange Online can't open public folders or shared mailboxes on an Exchange 2010 or Exchange 2007 server
    http://support.microsoft.com/kb/2834139/en-us
    Hope my clarification is helpful.
    If there are any problems, please feel free to let me know.
    Best regards,
    Amy
    Amy Wang
    TechNet Community Support

  • Changes in ical won't update my Exchange 2007 server

    If I make a change in ical, it doesn't update my server calendar. It works the other way round. Can anyone help? Is it possible to make this work? My server support line tell me Exchange 2007 doesn't support ical.

    bump... and please help. I'm really lost on this. My calanders say they are publishing to mobile me but they are not!

  • Legacy Namespace for Exchange 2007 to 2013 co-existence

    We are migrating from Exchange 2007 to 2013, during the co-existence phase, where is the legacy.{domain.com} namespace used? We are at the point now that we want to move all services over to the Exchange 2013 CAS servers, however... GPO settings
    are used to point outlook clients to mail.{domain.com} for Outlook Anywhere. If DNS is updated to point mail.{domain.com} to the Exchange 2013 servers, will there be an issue with connectivity for people still on the Exchange 2007 servers? Do these people
    need to point to legacy.{Domain.com} or will mail.{domain.com} proxy the connection to the legacy namespace? I would like to know if the GPO settings will interfer with the settings that Autodiscovery provide back.
    I have read a bunch or articles on the approach, but I am still fuzzy on where legacy.{domain.com} comes into play.
    Thanks in advance for your help.

    In coexistence with exchange 2013 and legacy version the request happens in 2 types.
    For Exchange 2010 –
    Exchange 2013 does a Proxy for owa and ews requests for users in exchange 2010.
    For Exchange 2007 –
    Exchange 2013 does redirection for owa and ews requests for users in Exchange 2007.
    Certificates:
    All the required SAN entries for UM,webservices and activesync should be created.
    Add external owa legacy URL to the public certificate and install it on both Exchange 2007 and
    Exchange 2013 only then owa redirection will work.
    You need to Include internal Legacy. Domain.com on Exchange 2007 Certificate for OWA co-
    Existence.
    Following change needs to be done in Firewall
    External OWA URL should be directed to exchange 2013 Internet Facing CAS.
    External EWS URL should be directed to  exchange 2013 Internet Facing CAS.
    External Autodiscover URL should should be directed to  Exchange 2013 CAS.
    External ActivesyncVirtualDirectory should be directed to Exchange 2013 CAS.
    External UMvirtualDirectory should be directed to  Exchange 2013 CAS.
    Create new NAT rule on firewall for Legacy.domain.com to Exchange 2007 CAS. You can do this as well.By doing this users will be able to log on directly using the URL https://legacy.domain.com/owa with
    a mailbox on Exchange 2007.
    External and Internal DNS settings
    Public DNS - Map all of your external public DNS records (ews,owa,activesync etc.,) to your
    exchange 2013 public IP if you have dedicated one for 2013 or FQDN of your internet facing CAS server.
    Example:
    Current external owa URL (contoso.domain.com) – point it to dedicated exchange 2013 public ip or internet facing exchange 2013 CAS FQDN.
    Current External Autodiscover – point it to dedicated exchange 2013 public ip or internet
    facing exchange 2013 CAS FQDN
    Internal DNS – Configure the Exchange 2007 to point SCP AutoDiscoverURI to Exchange 2013 Client
    Access FQDN by changing DNS entry for Autodiscover.domain.com to exchange 2013 CAS sever Ip
    address
    The internal DNS records should point to the internal host name and IP address of your Exchange
    2013 Client Access server
    Make sure that legacy.contoso.com resolves to CAS2007 in internal and external DNS.
    Authentication Settings:
    This part is little bit tricky. You need to plan according to your organization. If you have FBA configured in TMG or ISA server then you need to configure accordingly.
    Set the owa virtual directory authentication only to  Basic in exchange 2007.
    In exchange 2013 set owa virtual directory to only (Windows Authentication) or only (form-based authentication) or only (Basic, No redirection, SSL Enabled) depends according to your setup.
    Things to check:
    If you have redirection configured in IIS on the Exchange 2007 Server Make sure that the above
    Virtual Directories doesn’t have it configured.
    If you have FBA enabled on ISA or TMG then disable FBA on Exchange 2013 CAS else users will be prompted twice for authentication
    For further references you can refer my article below
    http://exchangequery.com/2014/09/24/owaews-configuration-in-exchange-20132007-coexistence/
    Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com Thanks Sathish (MVP)

  • Exchange 2007 Compatibility?

    We are running Unity 4.1 and are looking to run Exchange 2007. Everything I can find says that Unity 5.0 is the only supported configuration? Is this true? When will Unity 5.0 be available? Is there a temporary fix to help transition over in the mean time.

    Yes Exchange 2007 is ONLY supported with unity 5.0.
    Check Link
    http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_data_sheet0900aecd805e6e12.html
    I would not recommend running exchange 2007 on a production unity (4.x).It might work but again you taking the risk for running unsupported software(plus exchange 2007 is quite new which might be buggy also)
    I guess you can contact Cisco Representative for unity 5.0 availability or contact your cisco presales.
    As far as I know there is no temporary fix ...I hope it doesn't ruin your day

Maybe you are looking for

  • Calendar recommendations

    Looking for a calendar program that can integrate with either/both iCal and/or Google calendar. Essentially I need a three dimensional calendar. I have several attributes that each project shares. For instance, we need to view/keep track of rehearsal

  • Anyconnect secure mobility and windows 8.1 problem

    I installed the anyconnect secure mobility client 3.1.05152 version on a couple o windows 8.1 workstations on my home network. There are no restrictions from my firewall towards the outside world. When i try to connect for the first time i get the ce

  • Java newbie questions...Setting the classpath in Unix

    When you set the classpath, how do you include anything already in the classpath? For instance, if your profile sets your classpath to "/home/weblogic/:home/weblogic/weblogic.jar, and you want to add MyJar.jar to it, can you enter: export classpath=~

  • IPhoto 9.6 and Image Capture can't import from iPhoto, don't recognize devices or SD cards

    I'm running the latest version of Yosemite on a recent MacBook Pro, with iPhoto 9.6. I recently noted when trying to import photos from an SD card that iPhoto didn't recognize the SD card automatically, and ask whether I wanted to import my photos. I

  • Extended classic scenario PO not created

    Hi Guys, Hope someone could give me some hints on this. This is an isolated case.System works fine for all other shopping cart except for below case. The shopping cart approved and suppose to create the PO. I could see the PO number generated in BBP_