Outlook – Error “The name of the security certificate is invalid or does not match the name of the site.”

Problem
Seen in Outlook when connecting to a mailbox on an Exchange Server, its caused by using a self signed certificate OR a purchased certificate, where the internal and external names are different.

 

Solution
1. On the Exchange Server > Start > All Programs > Microsoft Exchange Server {version} > Exchange Management Console.
Exchange 2016
Set-ClientAccessService -Identity <server> -AutoDiscoverServiceInternalUri https://mail.mydomain.com/autodiscover/autodiscover.xml

Set-OwaVirtualDirectory -Identity "<server>\OWA (Default Web Site)" -ExternalUrl https://mail.mydomain.com/owa -InternalUrl https://mail.mydomain.com/owa

Set-EcpVirtualDirectory -Identity "<server>\ECP (Default Web Site)" -ExternalUrl https://mail.mydomain.com/ecp -InternalUrl https://mail.mydomain.com/ecp

Set-WebServicesVirtualDirectory -Identity "<server>\EWS (Default Web Site)" -ExternalUrl https://mail.mydomain.com/EWS/Exchange.asmx -InternalUrl https://mail.mydomain.com/EWS/Exchange.asmx

Set-ActiveSyncVirtualDirectory -Identity "<server>\Microsoft-Server-ActiveSync (Default Web Site)" -ExternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync -InternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync

Set-OabVirtualDirectory -Identity "<server>\OAB (Default Web Site)" -ExternalUrl https://mail.mydomain.com/OAB -InternalUrl https://mail.mydomain.com/OAB

Set-MapiVirtualDirectory -Identity "<server>\mapi (Default Web Site)" -ExternalUrl https://mail.mydomain.com/mapi -InternalUrl https://mail.mydomain.com/mapi

Set-ClientAccessServer -Identity <server> AutoDiscoverServiceInternalUri https://mail.mydomain.com/Autodiscover/Autodiscover.xml

Set-OutlookAnywhere -Identity "<server>\RPC (Default Web Site)" -ExternalHostname mail.mydomain.com -InternalHostname mail.mydomain.com -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM
Exchange 2010 and SBS 2011 (change the values in red)

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” –InternalUrl https://mail.publicdomain.co.uk/EWS/Exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\OAB (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/OAB

Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE-MAIL\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/Microsoft-Server-Activesync

Outlook Anywhere Note

If you intend to use Outlook Anywhere, you may also want to execute the following command. Particularly if you use SBS, which has a habit of setting remote.publicdomain.com as the default outside name.

Set-WebServicesVirtualDirectory –Identity ‘EXCHANGE-MAIL\EWS (Default Web Site)’ –ExternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Exchange 2007 (change the values in red)

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\oab (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/oab

Set-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/unifiedmessaging/service.asmx
For Small Business Server 2008
For SBS 2008 the commands are Different! (the following commands are for Exchange 2007 on SBS 2008 ONLY;

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\oab (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/oab

et-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/unifiedmessaging/service.asmx
Note: where EXCHANGE-MAIL is internal and mail.publicdomain.co.uk is external name

2. Then open the IIS Manager Expand Application Pools > MSExchangeAutodiscoverAppPool > Right Click > Recycle.
Note: You may have to enter the FQDN of the server rather than its Netbios name!!