Re: Another Outlook Anywhere thread. Please help
If the cert isn’t “valid” then it will fail. Outlook doesn’t give you the option to accept the failure like IE does.
A self signed cert isn’t trusted by default on any machine whereas public certificates are. This is because their root level certificates are already in the OS/applications that you use. If you want your self signed cert to work you need to put your root certificate into the trusted root certificate authorities container (depending on how you signed your cert you may find it is the same certificate as the one you are using). If you open an MMC and then certificates/local computer you can see the existing certs (like verisign, thawte etc). There is no difference between you adding yours and you cert working and using a cert from one of these publishers apart from the extra work adding yours to each machine. Obviously publishing a secure webpage and then asking external clients to trust your cert isn’t a suitable way to go so this is why people buy the trusted root supplied certificates.
You also need to make sure your self signed cert is valid externally, i.e. it is for a fqdn that has a DNS record externally. This would be something like outlook.externaldomain.com rather than outlook or outlook.internaldomain.local.
Bearing in mind the public certs are reasonably cheap you would be better going down that route really though. Pretty sure Sembee has indicated before a great supplier to use although I don’t know them off the top of my head.
Probably nothing to worry about as well but any cert below a 1024 bit key length is no longer valid in Microsoft OS anymore but it is highly likley yours is above this.