Nate Silva

Oct 21 2007

How to fix an SSL certificate error in Exchange System Manager

For the longest time I’ve had this error in Exchange System Manager when managing public folders:

The SSL certificate server name is incorrect. ID no: c103b404 Exchange System Manager

This can happen when using Outlook Web Access if your webmail URL doesn’t match the server’s internal name. Exchange System Manager expects your SSL certificate to match the server’s internal name. OWA users — including Windows Mobile devices — expect the certificate to match the server’s public URL.

One solution is to manually change the SSL certificate every time you need to manage a public folder, then change it back when you’re done. That gets old quickly.

Another solution, suggested in a knowledge base article, is to turn off SSL for the IIS Exadmin virtual root. This didn’t work: SSL was turned off for Exadmin but the problem remained.

Here’s an alternate solution that works:

  1. Run adsiedit.msc.
  2. Navigate to: CN=Configuration > CN=Configuration,DC=YOURSITE > CN=Services > CN=Microsoft Exchange > CN=YOURDOMAIN > CN=Administrative Groups > CN=first administrative group > CN=Servers > CN=YOURSERVER > CN=Protocols > CN=HTTP > CN=1 > CN=Exadmin.
  3. Right-click on CN=Exadmin and choose Properties.
  4. Find the attribute called msExchSecureBindings and click Edit.
  5. Remove the value :443: from the list.
  6. Click OK twice to close the dialog boxes.

(Found on Jim McBee’s Mostly Exchange Web Log)

Page 1 of 1