Error message on update

[george spain]

Updated to latest Entourage

Upon each restart I get error message:

Unable to Establish a secure connection to exchangeold.xxx.xxx because the
server name or IP address does not match the name or IP address on the
server's certificate.

Any Ideas/

Thanks,

G

 

[Corentin Cras-Méneur]

Updated to latest Entourag

Upon each restart I get error message

Unable to Establish a secure connection to exchangeold.xxx.xxx becaus
the server name or IP address does not match the name or IP address o
theserver's certificate

Well could it be that indeed the certificate is faulty

Corenti

 

[Corentin Cras-Méneur]

Well could it be that indeed the certificate is faulty?Corentin

Sorry about that. I tried to post through a new version of NemoX and
apparently the newsclient is not quite ready for it yet :-\

Corentin

 

[george spain]

Well could it be that indeed the certificate is faulty?

Corentin

Well, yes. That's what I figured at first. But I can't figure out 1) why
others don't get this message after update and 2) In Entourage, how can I
accept and trust a certificate that may be faulty but I know is real?

Thanks

g

 

[Corentin Cras-Méneur]

Well, yes. That's what I figured at first. But I can't figure out 1) why
others don't get this message after update and 2) In Entourage, how can I
accept and trust a certificate that may be faulty but I know is real?

Entourage might be getting better security-wise and I'm not sure you can
force it to accept a certificate that doesn't make any sense to it.
It's like putting your debit card in an ATM, entering the wrong PIN and
still expect to be able to get some cash out of it :-\

Corentin

 

[William Smith]

Updated to latest Entourage

Upon each restart I get error message:

Unable to Establish a secure connection to exchangeold.xxx.xxx because the
server name or IP address does not match the name or IP address on the
server's certificate.

Several folks have reported this issue since installing SP1. No idea if
this is improved security or if it's a bug. Check with your Exchange
admin and ask if the server is using the "sample" SSL certificate.

Hope this helps!

--

bill

William M. Smith, Microsoft Interop MVP - Mac/Windows
Entourage Help Page <http://entourage.mvps.org/>
Entourage Help Blog <http://blog.entourage.mvps.org/>

 

[Thomas Moy]

Add me to the list. Only started after updating to SP1.

Setup new OS X user, created new account in Entourage 2008 SP1, and
it's showing the error once per Entourage-launch:

"Unable to establish a secure connection to (my domain) because the
correct root certificate is not installed."

We're on Intermedia (Exchange 2007 hosting), aren't seeing any issues
with our Windows Outlook clients, nor pre SP1 Entourage clients. Not
using secure mail.

Weird.

Tom

 

[Diane Ross]

Add me to the list. Only started after updating to SP1.

We're working with MSFT to track this down.

 

[Jevon]

HI I have the same problem did you get a solution?

 

[Diane Ross]

We'll post a solution on the Entourage Help Blog as soon as it's available.
Be sure to subscribe so you get the latest news.
<http://blog.entourage.mvps.org/>

 

[Mother]

Hi,

Just FYI I'm having the same problem with mail2web hosted Exchange. I
think the problem stems from the way the Exchange server field is
entered.

Following mail2web configuration instructions, I configured the
Exchange server address as:

https://ex7.mail2web.com/exchange/[email protected]

The SSL error I get from Entourage mentions the certificate not
matching domain.com, NOT mail2web.com. It seems as if Entourage is
grabbing the final part of the URL, domain.com, and checking the
server certificate's common name against it. I imagine if the accounts
pointed to https://ex7.mail2web.com/exchange this error would not
appear, but I don't have an Exchange server to test my theory with.

Mother

 

[Mother]

I have been looking at the traffic with tcpdump, and finally I have a
tentative answer for the problem (I will know for sure once DNS
records propagate), at least in my particular case. My service,
mail2web, specifies in the setup instructions that you must add an MX
record for your domain (say ex7.domain.com) pointing to their server's
IP, and also add a CNAME for autodiscover.domain.com.

It seems that Entourage is trying to connect to all these domains:

ex7.mail2web.com (https/443)
autodiscover.domain.com (https/443)
domain.com (https/443)
www.domain.com (http/80)

In my case, it's obvious that since autodiscover.domain.com is
pointing to mail2web's IP, the certificate check will fail. Why it is
also checking domain.com and www.domain.com escapes my understanding,
but it's worth considering by anyone having this problem.

IMHO the best solution for this would be an 'Ignore SSL certificate
errors' setting in preferences, and let users deal with their
scenarios - much better than forcing them to go over unsecured
connections, or face clicking the error message every time they start
Entourage.

Regards,

Mother