Topic Last Modified: 2009-03-31

This topic describes how to troubleshoot an issue that can occur when you try to use Auto Account Setup through an RPC over HTTP connection to create a profile for Microsoft Office Outlook 2007. In this scenario, you may be prompted repeatedly for credentials. If you click Cancel on the prompt, you receive the following error message:

There is a problem with the proxy server's security certificate.

The name on the security certificate is invalid or does not match the name of the target site ExternalMaiServerName

This issue occurs if RPC over HTTP is configured to use a wildcard certificate or a certificate for which the Certificate Subject Name is the name of the internal server. When Auto Account Setup configures the profile, the external server name is used as the default for the Certificate Principal Name. When Outlook 2007 connects to the Exchange server, the Certificate Principal Name is compared to the Certificate Subject Name. Because the Certificate Principal Name does not match the Certificate Subject Name, you are prompted for credentials, and the error message occurs if you click Cancel.

For example, the Certificate Subject Name may be *.microsoft.com. The name of the internal server may be intmailsvr.microsoft.com. The name of the external server may be mail.microsoft.com. When a profile for Outlook 2007 is configured by using Auto Account Setup through an RPC over HTTP connection, the Certificate Principal Name mail.microsoft.com is used. However, the correct Certificate Principal Name in this scenario is *.microsoft.com. 

To resolve this issue, use the Exchange Management Shell to add the correct Certificate Principal Name in the profile.

To add the correct Certificate Principal Name in the profile
  1. Start Exchange Management Shell.

  2. Run the following command:

    Set-OutlookProvider -identity EXPR -CertPrincipalName "msstd:<SubjectNameOfTheCertificateUsedForRPCOverHTTP>"

    For example, type the following:

    Set-OutlookProvider -identity EXPR -CertPrincipalName "msstd:*.microsoft.com"

  3. Close Exchange Management Shell.