Hi all,
I have Exchange Server 2013 hosting email for 3 domains, I purchased a SAN Cert (Geotrust) with "Certificate Subject Alt Name" : webmail.mydomain1.com , autodiscover.mydomain1.com , autodiscover.mydomain2.com , autodiscover.mydomain1.com , everything
works fine with OWA, OutlookAnyWhere, AutoDiscover, ...
Now I want to host email for another domain : mynewdomain.com, but I don't want to extend SAN Cert. I added new domain to "Accepted Domains", created new mailboxs with new domain, "new domain users" can use OWA, MS Outlook normally (we ignore SSL Certificate warning) but when they set Exchange mailbox in their smart phone they get error :
Testing the SSL certificate to make sure it's valid ==> Certificate name validation failed ==> Validating the certificate name ==> Certificate name validation failed and Attempting to contact the Autodiscover service using the HTTP redirect method ==> The attempt to contact Autodiscover using the HTTP Redirect method failed ==> The Microsoft Connectivity Analyzer is checking the host autodiscover.newdomain.com for an HTTP redirect to the Autodiscover service ==> The Microsoft Connectivity Analyzer failed to get an HTTP redirect response for Autodiscover ==> An HTTP 403 forbidden response was received. The response appears to have come from Unknown. Body of the response: HTTP Response Headers: X-FEServer: ExchangeServer Content-Length: 0 Date: Tue, 03 Jun 2014 07:18:28 GMT Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Elapsed Time: 374 ms.
autodiscover.newdomain.com A record is pointed to my ExchangeServer ip address.
What should I do to make it work ? Should I create a self-signed Certificate for autodiscover.newdomain.com and add it to ExchangeServer (with enable services SMTP , IIS) ?
And about IIS service, do I have to create a new site autodiscover.newdomain.com and redirect it toautodiscover.exchangeserver.com/AutoDiscover ?