Monday, February 14, 2011

Users are getting a “Security certificate on server is not valid” error message when trying to access email from their mobile devices ... and you have just recently renewed the CAS & ISA VeriSign certificates

UPDATED 02/15/2011

I know, I know... it is not new: our VeriSign friends have published new intermediate certificates, so for all new or renewed certificates requested at (10/30/2010), with all possible paths set, you will need to update or install this intermediate certificate on the servers, on mobile devices and on client machines as well.

SSL/TLS certificates issued by VeriSign after Oct 10th 2010 will use a trust chain that includes the new intermediate certificates. You may need to import these certificates into CAS and ISA Server to support TLS with partners.
If you use VeriSign for your TLS certificates, I believe you need to import these new intermediate certificates before importing any newly requested VeriSign TLS certificate.
See the link http://www.verisign.com/support/verisign-intermediate-ca/secure-site-intermediate/index.html

If you enrolled for your certificate between May 17, 2009 and October 10th, 2010 Click here for your Intermediate CA

If you enrolled for your certificate before May 17, 2009
Click here for your Intermediate CA

Download the root CA for Windows XP SP3 http://www.microsoft.com/downloads/en/details.aspx?FamilyID=25249786-2b8e-4c51-8f4b-727ce25cc2c5


Please follow this link for how to install this certificate in Windows Server environments https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO8227

Enjoy

-Dario
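
A quick way to confirm the condition this post describes, as an added example that is not part of the original post or of VeriSign's instructions: run it on the CAS or ISA server to see whether each installed server certificate has its issuing CA present in the local machine stores. The function names are hypothetical, and the check assumes issuers can be matched by distinguished name alone.

```powershell
# Added example. Walks each server certificate up to its root using only the
# local machine stores and reports the first issuer that is not installed.

function Get-DnKey([System.Security.Cryptography.X509Certificates.X500DistinguishedName]$Name) {
    # Compare the encoded distinguished name, not its display string.
    [Convert]::ToBase64String($Name.RawData)
}

function Find-MissingIssuer {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    # Index every unexpired certificate in the Intermediate and Root stores by subject.
    $cas = @{}
    Get-ChildItem Cert:\LocalMachine\CA, Cert:\LocalMachine\Root |
        Where-Object { $_.NotAfter -gt (Get-Date) } |
        ForEach-Object { $cas[(Get-DnKey $_.SubjectName)] = $_ }

    $current = $Certificate
    for ($depth = 0; $depth -lt 10; $depth++) {   # guard against issuer loops
        $issuerKey = Get-DnKey $current.IssuerName
        # Self-signed: nothing above this certificate, so no gap was found.
        if ($issuerKey -eq (Get-DnKey $current.SubjectName)) { return $null }
        # Issuer not installed locally: this is the gap in the chain.
        if (-not $cas.ContainsKey($issuerKey)) { return $current.Issuer }
        $current = $cas[$issuerKey]
    }
    return "chain deeper than 10 certificates"
}

# Check every unexpired certificate that has a private key (the server certificates).
Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.HasPrivateKey -and $_.NotAfter -gt (Get-Date) } |
    ForEach-Object {
        $missing = Find-MissingIssuer -Certificate $_
        New-Object PSObject -Property @{
            Subject       = $_.Subject
            Thumbprint    = $_.Thumbprint
            NotAfter      = $_.NotAfter
            ChainComplete = ($null -eq $missing)
            MissingIssuer = $missing
        }
    } | Format-List Subject, Thumbprint, NotAfter, ChainComplete, MissingIssuer
```

A certificate reported with `ChainComplete : False` names the CA certificate that still has to be imported. The check matches names only and does not verify signatures or key identifiers.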

"The name of the security certificate is invalid or does not match the name of the site" when checking Free/Busy calendar availability or the OOF message

Folks
OOF and Free/Busy calendar availability depend on the Autodiscover service.

First of all, to get this availability for Outlook Anywhere, the /Autodiscover folder should be published from the ISA server, and the external URL should be configured on the CAS servers.

Enable-OutlookAnywhere -Server CAS01 -ExternalHostname "mail.domain.com" -ExternalAuthenticationMethod "Basic" -SSLOffloading:$False

Set-OABVirtualDirectory -identity "CAS01\OAB (Default Web Site)" -externalurl https://mail.domain.com/OAB -RequireSSL:$true

Set-WebServicesVirtualDirectory -identity "CAS01\EWS (Default Web Site)" -externalurl https://mail.domain.com/EWS/Exchange.asmx -BasicAuthentication:$True

Windows 2008 R2 SP1 and Exchange

Good mooooorning Buenos Aires... and wherever you are...
The Windows team is announcing the availability of Windows 7 and Windows Server 2008 R2 SP1, and what about our Exchange servers???
The Exchange Team says yes! Please check below:
(see http://msexchangeteam.com/archive/2011/02/11/458044.aspx)

We wanted to let you know that we've completed testing with Windows 2008 R2 SP1 and the following versions of Exchange are supported to run on Windows 2008 R2 SP1 (the RTM version of SP1):
  • Exchange 2010 SP1
  • Exchange 2010 RTM
  • Exchange 2007 SP3
Please note that Exchange 2007 was not supported to run on Windows 2008 R2 at all before Exchange 2007 SP3 release.
Also note, Windows 2008 R2 SP1 includes the hotfixes required to install Exchange 2010 SP1 (listed in Exchange 2010 SP1 FAQ and Known Issues — 979744, 983440, 979099, 982867 and 977020). If you're installing Exchange 2010 SP1 on a server running Windows 2008 R2 SP1, you don't need to install these hotfixes separately.

-Dario