Topic: Certificate error from local LAN on server-manager [SOLVED]

[etmrugl]

when I try to access the server-manager through:
https://localserver/server-manager
Internet Explorer 7 complains about a Certificate error, to be more specific "Mismatched Address" , The security certificate presented by this website was issued for a different website's address.

When I view the certificate it is issued for localserver.mydomain.net. If I go to the server-manager by typing https://localserver.mydomain.net/server-manager IE says: cannot display the webpage.

I have the same issue with https://www.mydomain.net/webmail if I access it from my local LAN.

Does anyone has a clue how to solve this? I searched all day, but with no luck. Running SME Server 7.4

BR, Ruud

[Craig Cabrey]

Does the DNS server properly resolve 'localserver.mydomain.net'? In other words, does that address resolve to the correct IP or not at all?

[cactus]

Does anyone has a clue how to solve this? I searched all day, but with no luck. Running SME Server 7.4

Most likley because SME Server uses a so-called self-signed certificate, which is not signed by any major trusted party build in in your OS. Is there no option to accept the certificate or pass this, I am unfamiliar with latest IE's, but I believe older ones, as well as all Firefox browsers have a option to still accept the certificate. Most of the times the clue/link for accepting the certificate is somewhere in small print on the error page.

If you accepted this in the past it might be that the certificate changed and you will need to delete the trust with the old one and accept the new one.

[etmrugl]

DNS:

nslookup localserver will resolve to the correct internal IP address
nslookup localserver.mydomain.net : can't find / Non-existant domain.

[etmrugl]

Hi Cactus,

the issue is not about accepting certificates, but about mismatched addresses. In my webbrowser I point to https://localserver/server-manager and the certificate says localserver.mydomain.net. IE does not accept that.

[etmrugl]

If I set the CommonName to 'localserver' the server-manager from within the local LAN will work without certificate error, but then the webmail from the outsite will NOT work without ceritificate error.
So it seems that there should be 2 directions for a solution:

1. use internally 'localhost.mydomain.net/server-manager'
(which currently doesn't work on my server)

2. use a certificate that both serves 'localhost' and 'www.mydomain.net'
(and I don't how to get that working)
does anyone has an idea?

[p-jones]

Etmrugl

I am not sure if I am understanding your problem.

Have you tried to flush your DNS cache on your workstation ? (ipconfig /flushdns) or by doing a repair on the network connection then repeating your eforts ?

[etmrugl]

I found the problem:
On my workstation I used the ADSL-modem/router as DNS server. As soon as I started to use the sme server as preferred DNS server, everything worked fine.