Friday, July 20, 2012

Exchange 2010 SAN Certificate Mismatched Address

Obtained an Exchange 2010 SAN Certificate from a Windows 2008 R2 Enterprise Root CA in a test environment.

When accessing OWA with IE I got a warning:
Mismatched Address
The security certificate presented by this website was issued for a different website's address

Cause: the Common Name of the certificate should also be part of the Subject Alternative Name field.

SAN Cert example:

CN: webmail.contoso.com

Subject Alternative Name field:
webmail.contoso.com
autodiscover.contoso.com