I am looking for a solution to the following problem. I have a client that is running Exchange 2007 with Outlook 2003 mail clients. They have an internal Active directory domain with a domain name of I am in the process of upgrading the Outlook client to Outlook 2010. “When launching the client I get the pop up message “The name of the server does not match the certificate”. When I look at the SAN Cert for the Exchange server I noticed that the e-mail server FQDN is not included the SAN certificate. To get rid of the popup box I need to add the FQDN of the internal Exchange server to SAN Cert, correct? Being that their internal domain name is, can I add a .int to the SAN Cert now that they have created the new international domain? Is there a way to get rid of the certificate error if the FQDN cannot be added?

asked 11/01/2011 10:09

Loffler_Paul's gravatar image

Loffler_Paul ♦♦

3 Answers:
Yes you could add the internal FQDN by recreating your SAN cert if you were using an internal CA. Or puchase a new cert with the internal names in it.

The easiest way is to create a Split DNS
- Create an internal DNS zone with the same name as the one showing in your existing certificate (your external domain) and pointing it to your local IP address of exchange
You will also have to change the internal URLs of Exchange virtual directories following this KB:


sirakov's gravatar image


You dont need server fqdn in your SAN cert. You need to configure your autodiscover record and include it in the certificate.

Check and

answered 11/01/11 07:32 AM

Rajith_Enchiparambil's gravatar image


Yes as sirakov says follow that article 940726 to resolve this issue

answered 11/01/11 09:00 AM

praveenkumare_sp's gravatar image


Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments



Asked: 11/01/2011 10:09

Seen: 401 times

Last updated: 11/02/2011 02:02