Hi all,
My environment: 2 Exchange 2013 CU19 servers (both Mailbox + CAS roles) in a DAG: ex1.localdomain.com, ex2.localdomain.com. They host mail for @externaldomain.com.
I bought a SAN SSL certificate for webmail.externaldomain.com + autodiscover.externaldomain.com. I imported it and assigned the IIS, POP, IMAP and SMTP services to it.
When clients from the internet try to use mail clients connecting to webmail.externaldomain.com to set up POP/IMAP, they get the error "unable to find valid certification path to requested target".
IMAP server : webmail.externaldomain.com
SMTP server : webmail.externaldomain.com
Should I follow this article and change the "Client Frontend" connector FQDN to webmail.externaldomain.com? (also TlsCertificateName, AdvertiseClientSettings)
This is my connector config:
Get-ReceiveConnector "server2\Client Frontend server2" | fl

RunspaceId : 3f031550-44b9-4e9f-8718-95973c9a7476
AuthMechanism : Tls, Integrated, BasicAuth, BasicAuthRequireTLS
Banner :
BinaryMimeEnabled : True
Bindings : {[::]:587, 0.0.0.0:587}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
SmtpUtf8Enabled : False
BareLinefeedRejectionEnabled : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
ProxyEnabled : False
AdvertiseClientSettings : False
Fqdn : server2.localdomain.com
ServiceDiscoveryFqdn :
TlsCertificateName :
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:05:00
MessageRateLimit : 200
MessageRateSource : User
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 100
MaxInboundConnectionPercentagePerSource : 10
MaxHeaderSize : 128 KB (131,072 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 26 MB (27,262,976 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : ExchangeUsers
PipeliningEnabled : True
ProtocolLoggingLevel : Verbose
RemoteIPRanges : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : True
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : server2
TransportRole : FrontendTransport
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Client Frontend server2
DistinguishedName : CN=Client Frontend server2,CN=SMTP Receive Connectors,CN=Protocols,CN=server2,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=localdomain,DC=com
Identity : server2\Client Frontend server2
Guid : b9d895a8-96f9-4d25-aaa3-1422d95bf4af
ObjectCategory : localdomain.com/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 4/2/2019 10:33:55 PM
WhenCreated : 5/16/2018 9:24:08 AM
WhenChangedUTC : 4/2/2019 3:33:55 PM
WhenCreatedUTC : 5/16/2018 2:24:08 AM
OrganizationId :
Id : server2\Client Frontend server2
OriginatingServer : ad.localdomain.com
IsValid : True
ObjectState : Unchanged

Please give me some advice.