IMAP certificate error

Answered Question
Feb 17th, 2010

I am running a business edition call manager/unity connection server

I have Microsoft outlook IMAP working to the 7.1 Unity Connection server.

Everytime the Outlook client is restarted, it complains about the certificate not being correct.

I don't want this dialog box to pop up every time and wish to just fix the cert issue

I also prefer to fix it on the server side rather than having to go to all my clients

The original disk spin (and subsequent cert generation) I named the server CMPUB but had to rename due to some other issues

I believe (know) that the issue is rooted in the fact that I renamed the Call manager server from CMPUB to its ip address.

When I look at the specific certificate error that I get, it reports that it is from CMPUB.

The question is how do I regenerate the cert on the call manager so that it uses the new hostname so that I don't get these errors anymor?.

I saw a previous 2007 thread on this that references a similar issue for the ccmuser pages and the suggestion was to make sure DNS has the correct statement. I have tried this and it does not seem to make a difference

Anyone have any insight ??

TIA

Correct Answer by htluo about 7 years 6 days ago

First of all, I don't think you renamed your CUCM.  If you went to CUCM > System > Server and rename it there, you just renamed the "process node".

To see the actual "name" (hostname) of your CUCM box, you may use the CLI "show status".

Second, the name of the box won't cause certificate issue.  Technically, you could have a box with hostname "Jonh", while the certificate is presented as "Mary".

If you got the certificate error from client (such as Outlook, Internet Explorer, etc.), there could be only two reasons:

#1 You haven't import the certificate into the client computer's cert store.  This can be fixed by viewing the certificate and click "Install".

#2 The name you used to access the server do not match the name in the certificate.  e.g. You access the server by IP address 192.168.1.100 while the name in the certificate is "mary.acme.local".  To fix that, you may configure DNS or local host file to resolve "mary.acme.local" to 192.168.1.100.  Then access the server by the name.

Hope this helps!

Michael

http://htluo.blogspot.com

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
htluo Wed, 02/17/2010 - 13:15

First of all, I don't think you renamed your CUCM.  If you went to CUCM > System > Server and rename it there, you just renamed the "process node".

To see the actual "name" (hostname) of your CUCM box, you may use the CLI "show status".

Second, the name of the box won't cause certificate issue.  Technically, you could have a box with hostname "Jonh", while the certificate is presented as "Mary".

If you got the certificate error from client (such as Outlook, Internet Explorer, etc.), there could be only two reasons:

#1 You haven't import the certificate into the client computer's cert store.  This can be fixed by viewing the certificate and click "Install".

#2 The name you used to access the server do not match the name in the certificate.  e.g. You access the server by IP address 192.168.1.100 while the name in the certificate is "mary.acme.local".  To fix that, you may configure DNS or local host file to resolve "mary.acme.local" to 192.168.1.100.  Then access the server by the name.

Hope this helps!

Michael

http://htluo.blogspot.com

Actions

This Discussion