29 C
Tuesday, April 23, 2024

The name on the security certificate is invalid – Exchange 2013

Domain joined machines and outlook pop up shows up with this error

“The name on the security certificate is invalid or does not match the name of the site”


Coz the internal server name is not listed in my cert as recommended


Now Outlook get this pop up while retrieving the Autodiscover information

you got to change this entry to avoid this . so that it will start looking at mail.testcareexchange.biz


Get-ClientAccessServer | fl Identity,*uri*


Now run to set to the entry which is on the cert.

Set-ClientAccessServer -Identity EXCH2013 -AutoDiscoverServiceInternalUri https://mail.testcareexchange.biz/Autodiscover/Autodiscover.xml



Do an IISreset – if changes doesnt take effect.

Satheshwaran Manoharan
Satheshwaran Manoharanhttps://www.azure365pro.com
Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.

Related Articles


  1. Dear Sathis,

    As mentioned in the above blog , i was also facing the same issue, i was followed your documention as mentioned above and made changes but still the certificate error poping up this is happening internally .
    Kindly Advice

  2. Only a quarter of the fix and IISReset does nothing, to actually fix it, enter these THREE commands: NOTE: replace SRVNAME with your servers internal NETBIOS name and YOURURL with the external url that matches you cert (without the )

    Set-ClientAccessServer -Identity SVRNAME -AutoDiscoverServiceInternalUri https://YOURURL/Autodiscover/Autodiscover.xml

    Set-WebServicesVirtualDirectory -Identity “SVRNAME\EWS (Default Web Site)” -InternalUrl https://YOURURL/ews/exchange.asmx

    Set-OABVirtualDirectory -Identity “SVRNAME\oab (Default Web Site)” -InternalUrl https://YOURURL/oab

    Open IIS
    Goto Application Pools
    Right click MSExchangeAutodiscoverAppPool then click Recycle

    Your welcome

      • Hello guys,

        I have ran all the above three command plus the one shown bellow and it has solved my problem. Make sure to change the Thumbprint with the one shown on your valid certificate.

        Enable-ExchangeCertificate -Thumbprint F633DA9BFB45D902C0B0CE8A8D4F2EA045D95744 -Services “SMTP
        , IIS”

        Kida regards



Please enter your comment!
Please enter your name here

× How can I help you?