Hello,
we are trying to enable hybrid environment and have shot ourselves in the knee, I guess.
Our problem:
Outlook isn't connecting to Exchange at all anymore, always throwing the error
There is a problem with the proxy server's security certificate. The security certificate is not from a trusted certifying authority. Outlook is unable to connect to the proxy server 'exchangeserver.contoso.local(Error Code 8)
The problem came up after we tried to execute the Hybrid Configuration Wizard in our environment. It worked fine before we executed the Hybrid Configuration Wizard.
What can we do to fix this and send/receive email again?
Kind regards,
Alexander
What we have:
As of now we have an on-premise Exchange 2013 with a self-signed certificate on the name exchangeserver.contoso.com, three mail domains (contoso.de, contoso.com and fabrikam.com) and mailboxes in all three domains.
The on-premise Exchange server is behind a NAT router. We have a linux smarthost (I think with postfix). All three domains have the smart host's IP as their MX record, and the smarthost then forwards the mails to our router. Our router relays all packets received from the smarthost's IP address to the mail server, and the Exchange send connector is set to deliver mail via our smarthost.
Sending and receiving mails worked fine until yesterday from our internal NAT network. For our laptops we have a VPN connection to send/receive email during travel; for our mobiles we have port 443 of our NAT router forwarded to the Exchange server. (Exchange mailboxes have to be configured manually on the mobiles, because the NAT router only has an IP, which the security certificate does not match and which does not work with Exchange AutoDiscover.)
Furthermore we have a small O365 organization with mail domain contoso.onmicrosoft.com for testing purposes only.
What we want:
Our international sales reps should be able use Outlook and their mobiles without a VPN connection and without manual configuration, so we want to make a hybrid environment, where the international sales reps are hosted in O365. All mail from/to the company should still come in and leave via our smarthost (which contains a customized auto-answer, a spam filter, antivirus and other security-related stuff). So we will have mailboxes for all three domains hosted on the on-premise Exchange, and single mailboxes for contoso.com hosted on O365. O365 should send/receive via our Exchange server or at least our smarthost.
I have already configured Azure AD connect which is running fine. I was unable to migrate a test mailbox to our O365 server, but I think this is a certificate issue (not completely sure).