Microsoft Exchange 2007 Self Signed Certificate question

[anthonyaudi]

Hello fellow MSFNers. I have a question for all the Exchange Gurus here.

My certificate recently expired. Now I reissued a new certificate and deleted the old one. All is fine and dandy the certificate now has a good date. However, I am presented with an issue that is making me scratch my head. I am not sure if it is because it cannot be done or I am simply doing it incorrectly.

When I go to https://webmail.mycompany.com/owa I am presented with the following error:

In Firefox: webmail.mycompany.com uses an invalid security certificate.

The certificate is not trusted because it is self-signed.

The certificate is only valid for the following names:

SERVER , SERVER.mycompany.local

In Internet Explorer:

The security certificate presented by this website was not issued by a trusted certificate authority.

The security certificate presented by this website was issued for a different website's address.

Now when I go into my Management Console and into Certificates under the Personal store I have my certificate. Under Trusted Root Certification Authorities I also have the certificate. When I double click on the certificate I have no errors or warnings. All seems good.

The services enabled on this certificate are SMTP IIS POP IMAP.

My question is the following: Is there any way without purchasing a certificate and without having to go to every single computer to import the certificate, to access the OWA homepage right away without having to click "Not Recommended"

If there is can someone please tell me how to do it as I am lost.

I have followed a few how to's but I am always presented with the same error.

When I click inside my exchange management console and run the following command

get-exchangecertificates | fl

The certificate that is valid has the following certificatedomains: server, server.mydomain.local

Is there anyway to have that certificate also have -----webmail.mydomain.com in it?

[anthonyaudi]

I guess this is one of those questions where I might not be in the right forum?

Anyone have any clues?

[allen2]

Indeed you need to add all needed FQDN when creating the self signed certificate (as explained there) and that should solve one problem : the OWA website should only show that the certificate is self signed until you add/deploy the certificate of your certificate autority on the computers needing to access to the OWA.