We are currently using a wildcard certificate: *.ourdomain.com
We are going to change from a wildcard and start using: mail.ourdomain.com
I did the following:
1. Added the intermediate certs on each CAS server in the "Intermediate Certificate Authority" section
2. Imported the mail.ourdomain.com cert in Exchange on each CAS server.
3. Assigned the IIS and SMTP services to the mail.ourdomain.com cert on the CAS server.
4. Ran the following commands in EMS:
Set-OutlookProvider EXPR -CertPrincipalName msstd:mail.ourdomain.com
Set-OutlookProvider EXCH -CertPrincipalName msstd:mail.ourdomain.com
5. Imported the cert on our antispam appliance
6. Restarted each CAS server
Outlook users received the following errors:
Also, when I test with CheckTLS.com with the mail.ourdomain.com, I see the following:
How can I resolve this?