Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Exchange
2000.active.directory
2000.admin
2000.announcements
2000.app.conversion
2000.applications
2000.clients
2000.clustering
2000.connectivity
2000.development
2000.documentation
2000.general
2000.information.store
2000.interop
2000.kms
2000.misc
2000.protocols
2000.realtime.collabo.
2000.setup
2000.transport
2000.win2000
admin
application.conversion
applications
clients
clustering
connectivity
design
development
misc
mobility
setup
tools
  
 
date: Thu, 6 Dec 2007 07:22:58 -0800 (PST),    group: microsoft.public.exchange.connectivity        back       


MS Exchange 2007 Multiple-CN certificate bug?    
Hello All,

I've found what seems to be a bug.

I have a multi-CN certificate, wich bounds to the IIS, IMAPs, POP3s
and SMTP service.

All of them recognized properly the certificate, except for the
Receive and Send Connectors (SMTP) service.

I'll clarify.

The certificate has the following CNs:
E = dont.bother@me
CN = mail.mycompany.com.br
CN = mail.formercompany.com.br
CN = pop.mycompany.com.br
CN = pop.formercompany.com.br
CN = smtp.mycompany.com.br
CN = smtp.formercompany.com.br
CN = imap.mycompany.com.br
CN = webmail.mycompany.com.br
CN = formercompanysrv01.formercompany.corp
OU = Infra-Estrutura
O = Mycompany Inovacoes Tecnologicas
L = Sao Paulo
S = SP
C = BR

Notice that the 1st CN is mail.mycompany.com.br

If I set my Default Receive Connector (msexchange/Server
Configuration / Hub Transport / Receive Connectors) that his HELO/EHLO
string should be, for instance, smtp.mycompany.com.br, I'll get
MSExchangeTransport event 12014.
HOWEVER, If I set the string to mail.mycompany.com.br, the Exchange
swallow it without complaining and works just fine. Notice that
mail.mycompany.com.br is the *1st* CN of the certificate.
This behaviour also happens on a Send Connector (msexchange/
Organization Configuration / Hub Transport / Send Connectors)

I'd stress that the IIS, POP and IMAP services works fine with their
respective strings, without having to reset it to the 1st CN of the
certificate.

FYI.

RF.
date: Thu, 6 Dec 2007 07:22:58 -0800 (PST)   author:   Rodrigo A B Freire

Re: MS Exchange 2007 Multiple-CN certificate bug?    
BTW:
Exchange Server 2007
Version: 08.01.0240.006

On 6 dez, 13:22, Rodrigo A B Freire  wrote:
> Hello All,
>
> I've found what seems to be a bug.
>
> I have a multi-CN certificate, wich bounds to the IIS, IMAPs, POP3s
> and SMTP service.
>
> All of them recognized properly the certificate, except for the
> Receive and Send Connectors (SMTP) service.
>
> I'll clarify.
>
> The certificate has the following CNs:
> E = dont.bother@me
> CN = mail.mycompany.com.br
> CN = mail.formercompany.com.br
> CN = pop.mycompany.com.br
> CN = pop.formercompany.com.br
> CN = smtp.mycompany.com.br
> CN = smtp.formercompany.com.br
> CN = imap.mycompany.com.br
> CN = webmail.mycompany.com.br
> CN = formercompanysrv01.formercompany.corp
> OU = Infra-Estrutura
> O = Mycompany Inovacoes Tecnologicas
> L = Sao Paulo
> S = SP
> C = BR
>
> Notice that the 1st CN is mail.mycompany.com.br
>
> If I set my Default Receive Connector (msexchange/Server
> Configuration / Hub Transport / Receive Connectors) that his HELO/EHLO
> string should be, for instance, smtp.mycompany.com.br, I'll get
> MSExchangeTransport event 12014.
> HOWEVER, If I set the string to mail.mycompany.com.br, the Exchange
> swallow it without complaining and works just fine. Notice that
> mail.mycompany.com.br is the *1st* CN of the certificate.
> This behaviour also happens on a Send Connector (msexchange/
> Organization Configuration / Hub Transport / Send Connectors)
>
> I'd stress that the IIS, POP and IMAP services works fine with their
> respective strings, without having to reset it to the 1st CN of the
> certificate.
>
> FYI.
>
> RF.
date: Thu, 6 Dec 2007 07:29:06 -0800 (PST)   author:   Rodrigo A B Freire

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us