There is a problem with the proxy servers security certificate
Outlook certificate error
I get the following error when using Outlook 2007 to connect to our Exchange server via the public URL: The proxy server’s security certificate has a problem. The security certificate’s name is incorrect or does not correspond to the name of the target site mail.contosco.com.
(Instead of Contosco, our business URL appears in the message.) We set it up with a self-signed certificate, and it works for all of our remote computers except this one. This one is unique in that it is the first Vista 64bit deployment to be tested. It’s also Vista SP2. Our mail server is configured with the FQN mail.contosco.local.
It works if I disable the “Only connect to proxy servers that have this principal name in their certificate:” setting, which includes msstd: mail.contosco.com. I’m confident that all of the other settings are identical to those on our other Vista Outlook 2007 PCs, which are all operational. Do you have any suggestions?
A mismatch between the certificate’s common name and the “only connect to proxy servers” setting may cause this error. More troubleshooting information can be found in this article.
‘the server’s security certificate is not yet valid’. still working
There are two alternatives for resolving the issue. Either generate a new certificate request and add the name to the certificate (see instructions here), or configure Exchange not to autoconfigure Outlook with this name and specify a different name from the certificate. Autodiscover is the term for this kind of autoconfiguration. I’ll go into more detail about that in a later post.
We must choose a name that will appear on the certificate used by CAS servers and/or reverse proxies. Because we are using split brain DNS, we will use the same name, mail.litwareinc.com, in both internal and external DNS. Different names are acceptable as long as both are included on your certificate. Using a single name simplifies troubleshooting and reduces the number of names requested on the certificate, potentially lowering your costs.
If you’re load balancing multiple CAS servers, the external A record must resolve to the CAS server’s public IP or the load balancer’s virtual IP. If you’re using a reverse proxy, you’ll need to set the A record to point to the reverse proxy’s public IP address.
How to fix ‘the site’s security certificate has expired or is not
Outlook error code 8 is one of the most common issues that users run into on a regular basis. It means that there is a problem with the proxy server’s security certificate. Even updating the security certificate does not always solve the problem. This post will show you how to solve this problem in a systematic manner.
Outlook is one of the most popular email clients, and it is used by almost every company. It satisfies organizational needs in the form of a task manager, contact manager, note-taking, journal, and other features. Outlook error is also a very common problem among users. Outlook Error Code 8 is a common error that appears on the user’s screen. When Outlook is in offline mode, however, this error appears.
“There is a problem with the proxy server’s security certificate. The security certificate does not come from a reputable certifying body. Outlook is unable to establish a connection with the proxy server….com (Error Code 8).
This error occurs when security certificates in Exchange server are not bought from an authentic certification source. Perhaps you bought from a reputable source, but it is not listed as a “Trusted Root Certificate Authorities” in your local system.
The outlook is unable to connect to the proxy ..error code 20
For the FQDN of myserve, there is no valid SMTP Transport Layer Security (TLS) certificate. The certificate for that FQDN has run out of validity. The use of that FQDN indefinitely would cause mail flow issues. As soon as possible, a new certificate with the server’s FQDN should be installed on this server. The New-ExchangeCertificate task can be used to generate a new certificate. Myserver’s FQDN does not have a valid SMTP Transport Layer Security (TLS) certificate. The certificate for that FQDN has run out of validity. The use of that FQDN indefinitely would cause mail flow issues. A new certificate with my server’s FQDN should be issued… More…