The SSL certificate server name is incorrect. ID no: c103b404
May 6, 2008 34 Comments
This error occurs when trying to view Public Folders in the Exchange System manager when he SSL certificate name differs between the FQDN and the local server name. The Exchange System Manager will not allow you to view the public folders as it believes the folder name to be incorrect.
This can be resolved using a front-end, back-end scenario, but what if you are stuck with a single Exchange server (ie. SBS) in your environment?
On following a few blogs and sites, the solution seems to be to remove SSL requirement for that particular folder in the IIS Manager. This didn’t work for me though – and I found a lot of people out there with unresoved issues on Experts Exchange etc.
The end solution was to use the ADSIEdit utility to manually stop the Exchange System Manager from using SSL.
The steps are as follows:
1) Install the ADSIEdit Utility (one of the Windows Server 2003 Support tools) from your SBS2003 CD (CD2) using suptools.msi
2) Run a Microsoft Management console (Start->Run->MMC)
3) Open the ADSIedit.msc (browse to the Support Tools folder)
4) Browse through to
Configuration > Services > Microsoft Exchange > Domain Name > Administrative Groups > First Administrative Group > Servers > Servername > Protocols > HTTP > 1 > Exadmin
5) Right click msExchSecureBindings, and click Properties
6) Highlight :443: and click Remove
7) Click OK
Restart the Exchange System Attendant and the IIS Admin service
Exchange system manager will now no longer try to use SSL when connecting to the service.
Thanks – that is really working …
Thanks a lot!!! You saved me
Fantastic. A solution that works. Thank you.
Awesome stuff. Works like a charm!!!
THANKS!!
what are the security ramifications of this, with respect to Outlook Web?
The only security issues are that traffic sent between the ESM and the Exchange server is unencrypted. There is no impact on OWA. If concerned about encryption between the management console and the Exchange server you can always RDP into the Exchange server and run the Exchange System Manager locally.
extremely helpful. my compliments sir.
Much Appreciated, getting rather worried about not being able to see the public folders…. SBS sucks
Pingback: suursavo.org » Blog Archive » Exchange Public Folders SSL-sertifikaattiongelma
Thanks – saved my day (or night maybe)
Tanks,
It works fine, good luck with your blog.
A Admin.
Pingback: vandrei Blog » Blog Archive » Exchange System Manager
Thanks,
It works like acharm, very nice job !
Hilitec
GJ m8y, proper pleased with that.
Thanks V much
Wow. Hours and hours of trying to fix this…and THAT was all I had to do?
THANK YOU!!!
No luck here. Some other service to restart, maybe?
Found it! When I removed SSL from Exadmin, it either didn’t stick or I screwed up the 128 bit/require SSL box sequence. Thanks.
Worked perfectly. Thank you for posting the fix.
After all these hours searching for solution finally bingo!
Thanks a lot!!
Thanks, it’s been years trying to fix this
Will I need to make the FQDN match the local server name in order to access OWA, share point, etc. from an outside location (i.e., over the Internet)?
Hi Tom
This only affects the SSL certificate used by the Exchange System Manager so it doesn’t have an impact on OWA or anything else.
It effectively stops the ESM from using SSL.
Hope this helps
Paul
Thank you. The instructions solved the problem.
I understand that this will stop ESM from using SSL. However, if I
want to use SSL over the internet to access Exchange mailboxes or
public folders (OWA) or Sharepoint web sites will I run into problems
because the server name is incorrect in the certificate?
I guess what I’m asking is … isn’t this certificate used by other
applications that utilize SSL? And therefore, shouldn’t I change the
certificate or create a new certificate to utilize the correct server
name? That way ESM as well as other applications would work properly
even with SSL on?
Thanks again for any help you can provide.
Tom
Thanks for this – tried everything else on other sites, nothing else worked. This worked perfectly.
Hello, i have the same problem on my runing W2K3 R2 Server with Exchange 2003 installed (not SBS 2003).
I have tried your solution but the entry msExchSecureBindings is alway empty.
At the moment i get the error c103b404 from the Exchange System Manager when accessing the public folders or trying to generate a new one.
Is there anything else i can try to fix this problem?
Thanks
Stefan from Germany
Hi,
I have Win2k3 sp2 DC/GC server with Exchange 2003 sp2.
It’s the same for me. msExchSecureBindings is always empty. I restared both IIS and System Attendant services and I am still getting the error c103b404 when I tried to view Public Folders inside System Manager.
have you found a solution Stefan?
Travis from Canada
Hello Travis,
until now i don’t found an solution to this problem.
Stefan
this helped.
Thanks for sharing such a nice post..
Yip same here the value is blank in SBS 2003 R2 and still getting the error, anyone any ideas? THanks, JP
Right for anyone that found 443 missing already there are do workarounds:
1) Do what microsoft says and disable the requirement for SSL for excadmin in IIS and then block port 80 at the firewall so external users still need to use SSL.
2)Much nicer solution add and FQDN entry to your hosts file matching the ssl FSDN to the server IP address. You don’t even need to restart the services!
JP
Thanks. This worked and stopped the pain!
Note: might want to edit your instructions just to be accurate. At STEP 5 it should say:
5) right-click on EXADMIN and select Properties
6) scroll down to msExchSecureBindings, click on it and click “EDIT”
7) Highlight :443: and click Remove
Cannot thank you enough. I really did want to create a new certificate which is what Microsoft suggested after removing the SSL requirment though IIS didn’t work. You’re a genius!