Wednesday , August 12 2020

The name on the security certificate is invalid – Exchange 2013

Domain joined machines and outlook pop up shows up with this error

“The name on the security certificate is invalid or does not match the name of the site”


Coz the internal server name is not listed in my cert as recommended


Now Outlook get this pop up while retrieving the Autodiscover information

you got to change this entry to avoid this . so that it will start looking at


Get-ClientAccessServer | fl Identity,*uri*


Now run to set to the entry which is on the cert.

Set-ClientAccessServer -Identity EXCH2013 -AutoDiscoverServiceInternalUri



Do an IISreset – if changes doesnt take effect.

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

OAuth and Microsoft Graph on Exchange on-premises with Hybrid Modern Authentication

Hybrid Modern Authentication (HMA) for Exchange On-Premises is being there for while which has a …


  1. Dear Sathis,

    As mentioned in the above blog , i was also facing the same issue, i was followed your documention as mentioned above and made changes but still the certificate error poping up this is happening internally .
    Kindly Advice

  2. Only a quarter of the fix and IISReset does nothing, to actually fix it, enter these THREE commands: NOTE: replace SRVNAME with your servers internal NETBIOS name and YOURURL with the external url that matches you cert (without the )

    Set-ClientAccessServer -Identity SVRNAME -AutoDiscoverServiceInternalUri https://YOURURL/Autodiscover/Autodiscover.xml

    Set-WebServicesVirtualDirectory -Identity “SVRNAME\EWS (Default Web Site)” -InternalUrl https://YOURURL/ews/exchange.asmx

    Set-OABVirtualDirectory -Identity “SVRNAME\oab (Default Web Site)” -InternalUrl https://YOURURL/oab

    Open IIS
    Goto Application Pools
    Right click MSExchangeAutodiscoverAppPool then click Recycle

    Your welcome

    • i followed all the steps but still not working any ideas

      • Hello guys,

        I have ran all the above three command plus the one shown bellow and it has solved my problem. Make sure to change the Thumbprint with the one shown on your valid certificate.

        Enable-ExchangeCertificate -Thumbprint F633DA9BFB45D902C0B0CE8A8D4F2EA045D95744 -Services “SMTP
        , IIS”

        Kida regards


Leave a Reply

Your email address will not be published.