Outlook 2010 clients not connecting

0

I have a test environment running a single arm configuration w/ 2 Exchange 2013 multirole servers. I have a HLB setup and configured using the reencrypted template and have installed the SSL cert and it's intermediate certs. I'm having an issue where I can access all the web services such as OWA and ECP, but the Outlook 2010 client can't connect to Exchange. I get the following error:

"There is a problem with the proxy servers's security certificate. Outlook is unable to connect to xxx.xxx.com. (Error Code 80000000)"

However, the Outlook 2013 client is able to connect w/o issue. Any ideas what could be causing this?

3 comments

Avatar
0
michael.nickerson

As a guess is your Outlook 2013 client on a newer OS? I had this same exact issue, but with both Outlook 2010 and 2013 on Windows 7.

Turns out the selection option on the Kemp "TLS 1.x Ciphers Only" is poorly worded and should read "TLS 1.2 Ciphers Only". I had used that option to limit the ciphers on my VIP. But Outlook clients on Windows 8.0 or lower only work with TLS 1.0 (http://blogs.technet.com/b/exchange/archive/2015/07/27/exchange-tls-amp-ssl-best-practices.aspx). By either just using the "Default Assignment" cipher list or manually picking the necessary TLS1.0 ciphers I was able to resolve this error message.

Avatar
0
darwin

Michael,
Yes, the Outlook 2010 client was on a Win7 box and the Outlook 2013 client was on a Win10 box. I went back and used the default assignment and now it works like a charm! Thanks for the help!!!

Avatar
0
Mark Deegan

Hello,

server 2003 and 2008 do not support TLS 1.1 or TLS 1.2. When SSL offloading and re-encrypting the TLS selection on the front end is also the TLS selection for the connection to the backend server. Also you will need to install new ciphers on the 2003 server to communicate with the LM. you will need to request the hotfix from here https://support.microsoft.com/en-us/kb/948963

regards

mark