OWA SSL Cert Replacement having issues

Similar Messages

• Expired SSl Cert

  We just upgraded from 1.4 to 2.0. When  we attempt to login via the GUI the ssl cert that is issued is expired, this does not allow us to login. How do we deltele the expired cert and create a new one?

  Hello Kevin,
  SSH into FI and let us verify whether UCSM's self-signed certificate has expired or not.
  scope security
  show keyring detail
  If it has expired, we need to manually re-generate the self-signed certificate as  documented here
  http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/2.0/UCSM_CLI_Configuration_Guide_2_0_chapter6.html#task_7052CA63F06F49D29F58D6BA1CF99993
  HTH
  Padma

• My Apple Macbook hard drive crashed and I had to replace. Now trying to reload CS5 and having issues. When I click download from Adobe download page, a screen pops up saying "Access Denied". I have serial number, but don't even get to a page to enter. Ple

  My Apple Macbook hard drive crashed and I had to replace. Now trying to reload CS5 and having issues. When I click download from Adobe download page, a screen pops up saying "Access Denied". I have serial number, but don't even get to a page to enter. Please help…Thanks!!

  Make sure you have cookies enabled and clear your cache.  If it continues to fail try using a different browser.
  You can also download the trial version of the software thru the page linked below and then use your current serial number to activate it.
  Be sure to follow the steps outlined in the Note: Very Important Instructions section on the download pages at this site and have cookies enabled in your browser or else the download will not work properly.
  CS5: http://prodesigntools.com/all-adobe-cs5-direct-download-links.html

• I purchased an iPhone 3 and had photos on it. Started having issues within 30 days and could replace it. Moved photos to back up on iCloud. did not restore new phone from back up how can i save the new photos and retrieve the old ones?

  I purchased an iPhone 3 and had taken some photos on it. I started having issues within 30 days and could replace it. So I created an iCloud account and  saved those photos as a back up on iCloud. I did not restore my new phone from back up because I did not realize I needed to restore and not just activitate it. How can I save the new photos, apps, and other stuff but retrieve the old photos?

  If all you want is your old photos, you could backup your new phone using iTunes, then restore it from your iCloud backup, import the old photos to your computer, then restore it from the backup your made in iTunes returning your newer data to your phone.  If you want your old photos on your phone, sync them there from your computer using iTunes.  The process would look like this:
  Connect your phone to your computer, when it appears in iTunes on the left sidebar right-click on it and select Transfer Purchases; right-click again and select Backup.
  Disconnect from your computer and go to Settings>General>Reset>Erase All Content and Settings to return it to new
  Go through the activation setup, choosing to Restore from iCloud backup.  Make sure your phone is plugged into a charger and has access to wi-fi as this can take hours to complete.
  When complete, without connecting your phone to your computer, open iTunes and go to Preferences.  On the Devices tab check "Prevent...from syncing automatically"
  Now import the old photos to your computer (see http://support.apple.com/kb/HT4083)
  When done, open iTunes, right-click on the name of your phone on the left sidebar and select Restore from Backup, choose the backup you made in step 1.
  Go to the Photos tab and select the photos you want to sync to your phone and sync.

• I'm Having trouble with OWA and Certs after the Rollup 7 for SP3 installation. any idea? update 2961522-

  Hi, everyone.
  I'm Having trouble with OWA and Certs after the Rollup 7 for SP3 installation. any idea? update 2961522-
  after running get-OWAVirtualDirectory or test-OWAConnectivity i'm getting a message that says "OWA it's Orphan, No Metadata information can be found."
  I only have the OWA users impacted.- anywhere users, and ActiveSync are working well.-
  Thanks,
  Fabian Alberto Campo
  MCT-MCSA 2012-MCITP365-MCTS
  Fabián A. Campo H. Consultor tecnico @ IXO Ltda. MCT MCP MCTS MCSA HP-APS Cra. 67 No. 167 – 61 of 303 Bogotá, Colombia

  Hi Fabian,
  Is there any error code when user access their mailbox on OWA. Please confirm if there is no results returned in EMS when you run Get-OWAVirtualDirectory cmdlet. Also check whether there is any Event Logs related to OWA in Exchange.
  In IIS manager, make sure the OWA virtual directory is listed in the Default Web Site. In EMC, we can navigate to Server Configuration > Client Access, select server and turn to Outlook Web App tab. Then we can click Reset Virtual Directory in the right
  Actions pane to reset OWA virtual directory.
  Additionally, please restart IIS service by running iisreset /noforce from a Command Prompt window.
  Regards,
  Winnie Liang
  TechNet Community Support

• Hi, I had recently purchased ipad3 and but obviously have been having issues with heating up and some minor issues with video playback etc. Apple has agreed to replace my device. I need help in deciding whether i should get a new ipad3 or opt for ipad2.

  Hi, I had recently purchased ipad3 and but obviously have been having issues with heating up and some minor issues with video playback etc. Apple has agreed to replace my device. I need help in deciding whether i should get a new ipad3 or opt for ipad2. Seller is willing to replace it with ipad2 as well..
  Have also heard that the ipad3 revamped version is around along with the mini pad rumor..too much information - lot's of confusion pls help

  Lindsay,
  Your iBookG4 is still a pretty awesome Mac. Like already said, it has the power to run Leopard, but it depends if you have an internal DVD drive.
  Then I suppose you have to add up the cost of the OS, perhaps another 512MB RAM, iLife 08 and replacements for any favourite apps that you currently use (Leopard breaks a lot of stuff, but Intel breaks even more). Compare it to the cost of a new MacBook, which wil have all of that included and be 3-4x faster too.
  It also depends on what you want to achieve with your iBook. My PMG4 still cuts it today, I still use it in preference to my new Mac Pro, It's about the same age as your iBook, and I'll only stop using it when it becomes "painfully" slow. My 1 year old son currently uses the Mac Pro (parts for a Mac Pro are easier to replace than those for a PMG4).
  I think your choice is simple, if you can a cheap copy of Tiger, use that, it'll get your iPod Touch up and running. It came in DVD and 4 CD version (by request).
  Leopard will work for you too but a lot of the best eye-candy requires quite a meaty graphics card and you may need a RAM upgrade and replacement software - OS9 Classic is not supported in Leopard.

• We are having issues with WLS 5.1   pdf   SSL

  We are running IE 5.0 and above browser with our application and the server is Weblogic 5.1 We are having issues with a generated pdf being sent down from the server using the response outputStream in an SSL connection. We tried setting the content type before getting the outputstream. IE comes back with a dialog for download. When we select either of the options IE comes back with "Unable to download <url> from <server>. We are using WLS 5.1 service pack 6. Any help will be greatly appreciated
            

            I tried this option, but did not help. We have two weblogic servers on different
            machines. One works fine in downloading pdf file over https, but not the other.
            The error we are getting after selecting it to save it to a file:
            IE cannot download xx.pdf from www.xxx.com
            From the link, when we say "save target as", we get different error as:
            This file could not be written to cache.
            Someone suggested to pass "pragma: public" or "pragama: no-cache" in the header.
            But we are just simply serving it as a file, neither from servlet nor from jsp.
            So I suspect it something to do with our weblogic proxy or security configuration.
            Any ideas/help is much appreciated.
            Thanks
            Jayashree Raghavan <[email protected]> wrote:
            >If you ever have a similar problem it might help to check in browser
            >settings.
            >In IE goto tools/internet options/
            >Goto advanced Tab
            >go down to Security.
            >Uncheck the "donot save encrypted pages to disk".
            >This will make downloading a pdf work in ssl.
            >
            >
            >Jayashree Raghavan wrote:
            >
            >> We resolved this problem thanks to Maxim, by commenting out the code
            >that sends to the browser not to cache these pdf files. response.setHeader("Pragma",
            >"no-cache");
            >
            

• 2012R2 RDS SSL Cert mismatch Issue on alternate port

  Hi,I am trying to setup RDS on 2012R2.I only have a single public IP and i already have 443 SSL sent to the Exchange server using a GoDaddy cert for that.Ive got another GoDaddy cert for RDS thats running on a stand alone server.I have changed the RD Gateway to use port 444 for https.Ive added a firewall rule to send 444 to my TS.I can hit https://url:444/rdweb fine - no certificate error, it picks up the correct cert.I can login fine.I try to run a remote app, provide domain creds and then it errors with:Your computer can’t connect to the remote computer because the Remote Desktop Gateway servers address requested and the certificate subject name do not match. Contact your network administrator for assistanceSo it appears at the point of launching the app that its reverting back to 443 and picking up my exchange SSL cert instead....
  This topic first appeared in the Spiceworks Community

  Hi,I am trying to setup RDS on 2012R2.I only have a single public IP and i already have 443 SSL sent to the Exchange server using a GoDaddy cert for that.Ive got another GoDaddy cert for RDS thats running on a stand alone server.I have changed the RD Gateway to use port 444 for https.Ive added a firewall rule to send 444 to my TS.I can hit https://url:444/rdweb fine - no certificate error, it picks up the correct cert.I can login fine.I try to run a remote app, provide domain creds and then it errors with:Your computer can’t connect to the remote computer because the Remote Desktop Gateway servers address requested and the certificate subject name do not match. Contact your network administrator for assistanceSo it appears at the point of launching the app that its reverting back to 443 and picking up my exchange SSL cert instead....
  This topic first appeared in the Spiceworks Community

• Dreaded "must be configured to use a valid SSL cert" - 2008 R2

  Hello everybody,
  I've been browsing through hundreds of topics on the dreaded "The RD Gateway server must be configured to use
  a valid SSL certificate" error using BPA (Windows Server 2008 R2 Std), but still haven't found a proper solution.
  Here's the issue: RDGW not operating properly and sometime accepting connections, sometimes not. 
  I have an external domain example.com and internally, the domain is example.local. I have one server serving Exchange and RD, this is the server responding to mail.example.com and I have an StartSSL issued cert for mail.example.com, which is properly configured
  on the server (OWA is working properly with autodiscover etc.). SSL bindings seem alright, default site is using the mail.example.com SSL cert.
  If I open the RDGW Manager and go to the SSL Certificate tab, the system looks happy by having the cert installed, everything looks fine. Sometimes I even manage to connect - connection is successful, I can normally connect to any of the servers or computers.
  On a second attempt, I just get the message, that the logon attempt had failed. If I run BPA on the server, I get the error of not having a proper SSL cert. If I select a self-signed cert, then also the BPA goes through, but then I have problems with connections
  since everybody would need this cert to have installed.
  From what I read, my problems are related to the issue that the FQDN of my server is servername.example.local and the cert is issued to mail.example.com. How can I make the thing only to talk via the mail.example.com cert? I don't think I can get a cert
  that'd also contain a SAN of servername.example.local from the CA.
  What can I do?

  Hi Andrej,
  Thanks for posting in Windows Server Forum.
  Here providing you the article for BPA’s configuration logs, where you can check. It also states that certificate are main problem related to this error. Please check certificate which you have bound have FQDN name of gateway server, the certificate is SSL
  certificate and it’s a trusted certificate. Also check that certificate which you have importing to RD gateway must be in local computer/personal store. For more information refer below article.
  1. Using the Remote Desktop Services BPA to analyze a Remote Desktop Gateway
  implementation
  2. RDS: The RD Gateway server must be configured to use a valid SSL certificate
  In addition, you need to specify the FQDN name of RD gateway under
  DefaultTSgateway in IIS setting. Please go through below article for details.
  RD Gateway/Web Access Outside the Firewall
  Hope it helps!
  Thanks,
  Dharmesh

• How to validate SSL cert on ASA5510, before changing DNS?

  I have recently installed an SSL certificate from a third party CA (GoDaddy) into an ASA5510 that I will be using as a VPN appliance for AnyConnect clients.
  The ASA is going to replace our VPN server, which currently has the vpn.domain.com FDQN assigned to its IP address in public DNS.  
  Is there a way for me to properly valiadate that the SSL cert will work without any issues (i.e. no invalid error messages popping up on users' AnyConnect clients) from the Internet, before I cut over public DNS to point to the public facing interface on the ASA5510 which is where vpn.company.com will ultimately be pointing to?

  Put vpn.domain.com in your local PC hosts file with the new IP. Then try Anyconnect.

• Wildcard SSL cert on ASA

  Is it possible to use a wildcard SSL cert on an ASA? That is, instead of getting a specific cert with the FQDN of the ASA, we would use the wildcard cert issued?

  Absolutely, it's especially needed in ASA vpn load balancing environments. When you connect to a FQDN that translates to a load balancing IP, one of the ASAs will do an http redirect to its individual hostname, your browser (or AnyConnect) will attempt that connection and ASA needs to have a certificate for that specific hostname. Having a wildcard cert on all ASAs resolves this. I've got this running on several customers.
  If you need help with configuration, let me know.
  You can either generate private keys on the ASA (and later export it to another ASA or other non-cisco devices), or you could import an existing wildcard certificate with the private keys (in PKCS12-BASE64 format)
  Regards,
  Roman

• SSL Cert Setup on the Palm Pre

  I am having issues setting up my companies email on the Palm Pre.  We use an SSL cert and for some reason I get Certificate Error. Is the time and date wrong.  I looked at many blogs with other people having this issue and they say a root cert needs to be put on the phone.  The only way it says to do this is to install the Microsoft Certificate Authority and then generate the cert that way. 
  Well, the issues that I am having is I have been generating my cert using the new-exchangecertificate -domainnames mydomain.domain.com, and I do multiples dns names.  This cert works fine on all my computers and all other cell phones.  When I put it on the pre I get the error above.  I read that this is an IIS root cert and the palm does not allow this.  I then installed the Certificate Authority and generated a cert and the pre worked fine, the only issue is the cert broke the rest of my external users connections.  I need the cert to have dns resolution addresses in it.  I found out how to get the Certificate Authority to have san:dns= domain.domain.com names.  But when I generate this cert and put it as my primary cert it then brakes the palm and my other systems. 
  How can I get the Certificate Authority to give me a cert with all the DNS names I need and work on the palm and all my other systems.
  Any help is great and thanks in advance.
  Post relates to: Pre p100eww (Sprint)

  We keep any type of updates very close to us. So close in fact that I do not know and only the developers know about this. But if you feel that this should be included there is a feedback link at the bottom of my post click on that and leave the feedback

• How to setup SSL cert for SharePoint apps in a three tier farm with nlb

  I am having trouble understanding how to setup the SSL certificate on SharePoint apps or in general its configuration

  Please check the below thread..
  https://social.technet.microsoft.com/Forums/sharepoint/en-US/53465d30-10b2-48c9-9541-5ade738156b4/how-to-setup-ssl-cert-for-apps
  Don't forget to mark it as an Answer if it resolves your issue and Vote Me as helpful if it useful.
  Mahesh

• Getting sec_error_inadequate_cert_type with Private SSL Cert

  Howdy,
  I run a Private Certificate Authority for my personal use and just to learn about SSL Certs. However, with the current build of FireFox I'm on ( 31 ) I can no longer visit sites I've secured with SSL Certs signed by this certificate authority, even though these SSL certs work just perfectly fine in Chrome and Internet Explorer. I keep getting a "sec_error_inadequate_cert_type" error. I can only assume that the certs I've been issuing are incorrect in some way, but the error is so vague and the error page doesn't specify more.
  I only discovered this when I realized some of my SSL certs had expired, and I went to re-issue them.
  One of the certs that hasn't expired yet but is experiencing problems can be found here:
  * https://forums.silicateillusion.org
  One of the Certs I've tried re-issuing, matching fields included as closely as I can to a Google SSL cert that I looked up is here:
  * https://phpmyadmin.endofevolution.com
  These certificates were generated using the application called SimpleAuthority, found here: http://simpleauthority.com/
  A Site like Networking4All.com seems to believe the Certs are valid, excepting the CA that is Self Signed: http://www.networking4all.com/en/support/tools/site+check/report/?fqdn=phpmyadmin.endofevolution.com&protocol=https
  Interestingly enough, using a different site like SSLShopper shows an error similar to FF31: http://www.sslshopper.com/ssl-checker.html#hostname=https://phpmyadmin.endofevolution.com
  The certs are running on an Apache Web server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.10
  The CA Cert is in FireFox's store as trusted.
  If needed, I can provide certs.

  ''SniperFodder [[#answer-626818|said]]''
  <blockquote>
  I however, do not. It's something specific to Firefox I seem to be having. Maybe I'm running an outdated version of Chrome? Which would be hard seeing as chrome itself says it's up to date: Version 37.0.2062.120 m
  I appreciate the link to Bug 1034124, However the SSL certificate itself IS NOT self signed. Only the CA is, which signed the SSL Cert. I guess what I mean to be asking is... Is Firefox Rejecting my SSL Cert, because my CA Is Self Signed?
  I also offer the CA Cert for download since no one would have the cert in their stores. Would this also affect it?
  I've attached a screen shot of the error I'm getting so that it's available for the ticket. The following is also the "plaintext" verison of the error I'm getting:
  "Certificate type not approved for application."
  </blockquote>

• SSL Certificate question (minor issue)

  I have a Windows 2012 server setup with RDS.  I have about 10 virtual machines already setup - my whole VDI infrastructure.  Everything is working fine - accessing the vm's internally and externally, however, I have issues w/the certificate.
  I am using a self-signed certificate (until I can my client to pay for a real SSL cert).
  I have created an A record for my DNS at my hosting company that points to my public IP (e.g. remote.mycompany.com instead of typing in the IP address), the port forwarding on my router kicks in and sends the https traffic to my RD Gateway (my Windows 2012)
  and the user will see the RDWeb page and can log in from there.  The cert is pointed to remote.mycompany.com too.  However, my server is called vdi-remote2.mycompany.com.  Naturally, when using IE to access the RDWeb page, their address bar
  in IE will be red with the cert error/warning.
  First they are greeted with the "There is a problem with this website's security certificate" and will click on continue to the this website.  Upon inspection of the certificate, it will say "This CA Root certificate is not trusted.  To
  enable trust, install this certificate in the Trusted Root Certification Authorities store."  Ok, I can install it (and have), but I still get the red address bar in my IE.
  Needless to say, I'd like to clean this all up.  The users are non-technical people and when they see this stuff, they freak out.  We know what it all means - we're technical folks, but I'd like to clean it all up and just have it nice and security.
   Green or no address bar when using https in the address bar.
  How can I clean this all up though when I have external users accessing https://remote.mycompany.com/rdweb and internal users accessing https://vdi-remote2/rdweb.  I don't recall the possibility to have two certs for one website (the RDWeb).  So,
  I'm a bit confused on all this cert stuff.  I could keep everything as is and just train the users, but I'd rather not.
  Thank you in advance for your reply.

  Hi Steve,
  Thanks for your comment.
  Yeah, your understanding is correct as you have commented that “Things are working, but ONLY after I install the cert in the trusted root certification authorities store.”
  Trusted certificate is required for RDS server.
  I would like to suggest you that first of all certificate must be placed in (local computer)/Personal Store, and the
  certificate must be signed by trusted authority. Please check below link which state that “If the RD Gateway server is configured to use a Secure Sockets Layer (SSL) certificate that is not signed by a trusted
  certification authority, users might be unable to connect to internal network resources (computers) through the RD Gateway server. “ 
  RDS: RD Gateway must be configured to use an SSL certificate signed by a trusted certification authority
  You may export your certificate (and its private key) to a .pfx file using the Certificates mmc snapin.  By that way you can use the .pfx file for the RDS Role Services.
  Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
  For your comment “One user was having issues.  Once I installed the cert on her computer, she has no more issues logging in and launching a remote session. “, I can say that if the issue is mostly due to certificate only then
  if you will purchase trusted authority certificate then as per my knowledge you’re all problem regarding login and certificate will be solved.
  More information:
  1. Configuring RDS 2012 Certificates and SSO
  2. RD Web Access Web site to use a trusted certificate
  (Thread might helpful to understand)
  Hope it helps!
  Thanks,
  Dharmesh