Error message on update

G

george spain

Updated to latest Entourage

Upon each restart I get error message:

Unable to Establish a secure connection to exchangeold.xxx.xxx because the
server name or IP address does not match the name or IP address on the
server's certificate.

Any Ideas/

Thanks,

G
 
C

Corentin Cras-Méneur

george spain said:
Updated to latest Entourag
Upon each restart I get error message
Unable to Establish a secure connection to exchangeold.xxx.xxx becaus
the server name or IP address does not match the name or IP address o
theserver's certificate

Well could it be that indeed the certificate is faulty

Corenti
 
C

Corentin Cras-Méneur

Corentin Cras-Méneur said:
Well could it be that indeed the certificate is faulty?Corentin

Sorry about that. I tried to post through a new version of NemoX and
apparently the newsclient is not quite ready for it yet :-\

Corentin
 
G

george spain

Well could it be that indeed the certificate is faulty?

Corentin
Well, yes. That's what I figured at first. But I can't figure out 1) why
others don't get this message after update and 2) In Entourage, how can I
accept and trust a certificate that may be faulty but I know is real?

Thanks

g
 
C

Corentin Cras-Méneur

Well, yes. That's what I figured at first. But I can't figure out 1) why
others don't get this message after update and 2) In Entourage, how can I
accept and trust a certificate that may be faulty but I know is real?

Entourage might be getting better security-wise and I'm not sure you can
force it to accept a certificate that doesn't make any sense to it.
It's like putting your debit card in an ATM, entering the wrong PIN and
still expect to be able to get some cash out of it :-\

Corentin
 
W

William Smith

george said:
Updated to latest Entourage

Upon each restart I get error message:

Unable to Establish a secure connection to exchangeold.xxx.xxx because the
server name or IP address does not match the name or IP address on the
server's certificate.

Several folks have reported this issue since installing SP1. No idea if
this is improved security or if it's a bug. Check with your Exchange
admin and ask if the server is using the "sample" SSL certificate.

Hope this helps!

--

bill

William M. Smith, Microsoft Interop MVP - Mac/Windows
Entourage Help Page <http://entourage.mvps.org/>
Entourage Help Blog <http://blog.entourage.mvps.org/>
 
T

Thomas Moy

Add me to the list. Only started after updating to SP1.

Setup new OS X user, created new account in Entourage 2008 SP1, and
it's showing the error once per Entourage-launch:

"Unable to establish a secure connection to (my domain) because the
correct root certificate is not installed."

We're on Intermedia (Exchange 2007 hosting), aren't seeing any issues
with our Windows Outlook clients, nor pre SP1 Entourage clients. Not
using secure mail.

Weird.

Tom
 
M

Mother

Hi,

Just FYI I'm having the same problem with mail2web hosted Exchange. I
think the problem stems from the way the Exchange server field is
entered.

Following mail2web configuration instructions, I configured the
Exchange server address as:

https://ex7.mail2web.com/exchange/[email protected]

The SSL error I get from Entourage mentions the certificate not
matching domain.com, NOT mail2web.com. It seems as if Entourage is
grabbing the final part of the URL, domain.com, and checking the
server certificate's common name against it. I imagine if the accounts
pointed to https://ex7.mail2web.com/exchange this error would not
appear, but I don't have an Exchange server to test my theory with.

Mother
 
M

Mother

I have been looking at the traffic with tcpdump, and finally I have a
tentative answer for the problem (I will know for sure once DNS
records propagate), at least in my particular case. My service,
mail2web, specifies in the setup instructions that you must add an MX
record for your domain (say ex7.domain.com) pointing to their server's
IP, and also add a CNAME for autodiscover.domain.com.

It seems that Entourage is trying to connect to all these domains:

ex7.mail2web.com (https/443)
autodiscover.domain.com (https/443)
domain.com (https/443)
www.domain.com (http/80)

In my case, it's obvious that since autodiscover.domain.com is
pointing to mail2web's IP, the certificate check will fail. Why it is
also checking domain.com and www.domain.com escapes my understanding,
but it's worth considering by anyone having this problem.

IMHO the best solution for this would be an 'Ignore SSL certificate
errors' setting in preferences, and let users deal with their
scenarios - much better than forcing them to go over unsecured
connections, or face clicking the error message every time they start
Entourage.

Regards,

Mother
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top