So we been having this issue for a while and I was wondering if their a solution.
Our internal users would get popups about the SSL certificate been invalid due to the name locally (since outlook seems the domain as MAIL.DOMAIN.LOCAL instead of MAIL.DOMAIN.COM) and our domain being DOMAIN.LOCAL.
Yes I am aware of the entire change for SSL certificate requiring other .COM or other forms of name instead of .LOCAL
However this also means we need to re-create the entire domain infrastructure for this one client. Instead I am looking to see if their a way to use a internal self-sign SSL certificate for the internal name and have outlook use that while external, we can use MAIL.DOMAIN.COM.
As of right now our exchange server has both a self-sign for (MAIL.DOMAIN.LOCAL) and a standard SSL for (MAIL.DOMAIN.COM). the standard works fine outside and for mobile devices and OWA but our internal users will constantly get the popup for the SSL certificate being mismatch. Is their a way to force users to use the self-sign one for verification. We tried installing the certificate on the user's outlook but for some, instead of normal two popups, they get the popup constantly with no way for us to stopping it.
Any ideas or workaround?