无法验证到服务器的安全证书 打开outlook提示…无法验证的安全证书……

各位同胞，最近遇到一个棘手的问题，每次打开outlook均会提示以下信息：

==============================================

您连接到的服务器正在使用一个无法验证的安全证书。

已处理证书链，但是在不受信任提供程序信任的根证书中终止。

您想继续使用这个服务器吗?

==============================================

已经折磨几天了，无果。

操作环境：

服务端：

windows r2

exchange sp1

已经安装证书服务，并申请有证书

图片:exchange.jpg

客户端：

windows xp sp3

outlook express/outlook (POP方式收取才会出现，若采用exchange方式则正常，OWA下也正常)

===========================================

Get-exchangecertificate | fl *

PSComputerName :

RunspaceId : 14d0a5b3-1231-429e-af2a-0494dda26f2f

AccessRules: {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcces

sRule, System.Security.AccessControl.CryptoKeyAccessRule}

CertificateDomains : {, , , }

CertificateRequest :

IisServices: {IIS://mailserver/W3SVC/1}

IsSelfSigned : False

KeyIdentifier: 7994CFE1C86EDC91066A286F8E5947DBEF40D3A4

RootCAType : Registry

Services : IMAP, POP, IIS, SMTP

Status : Valid

SubjectKeyIdentifier : 7994CFE1C86EDC91066A286F8E5947DBEF40D3A4

PrivateKeyExportable : True

PublicKeySize: 2048

ServicesStringForm : IP.WS.

Archived : False

Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptograph

y.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Crypt

ography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}

FriendlyName : ExchangeCA03

IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName

NotAfter : /7/12 9:14:33

NotBefore: /7/13 9:14:33

HasPrivateKey: True

PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider

PublicKey: System.Security.Cryptography.X509Certificates.PublicKey

RawData: {48, 130, 6, 32, 48, 130, 5, 8, 160, 3, 2, 1, 2, 2, 10, 26...}

SerialNumber : 1A1280990000000001AC

SubjectName: System.Security.Cryptography.X509Certificates.X500DistinguishedName

SignatureAlgorithm : System.Security.Cryptography.Oid

Thumbprint : A803006F27D069C9128FBF2F1E3796F0389AF790

Version: 3

Handle : 491683120

Issuer : CN=szsoling-MAILSERVER-CA, DC=szsoling, DC=com

Subject: CN=, OU=IT Dept., O="Shenzhen Soling Industrial Co.,LTD", L="Soling Industrial

Park,Fuming", S="Guanlan,Shenzhen,Guangdong", C=CN

PSComputerName :

RunspaceId : 14d0a5b3-1231-429e-af2a-0494dda26f2f

AccessRules: {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcces

sRule}

CertificateDomains : {szsoling-MAILSERVER-CA}

CertificateRequest :

IisServices: {}

IsSelfSigned : True

KeyIdentifier: 986798A783584779ABF00C2D3483A3148D722AE7

RootCAType : Registry

Services : None

Status : Valid

SubjectKeyIdentifier : 986798A783584779ABF00C2D3483A3148D722AE7

PrivateKeyExportable : True

PublicKeySize: 2048

ServicesStringForm : ......

Archived : False

Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptograph

y.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}

FriendlyName :

IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName

NotAfter : /7/11 9:43:34

NotBefore: /7/11 9:33:36

HasPrivateKey: True

PrivateKey :

PublicKey: System.Security.Cryptography.X509Certificates.PublicKey

RawData: {48, 130, 3, 147, 48, 130, 2, 123, 160, 3, 2, 1, 2, 2, 16, 122...}

SerialNumber : 7A936307E156A5A6418B4347FCA38320

SubjectName: System.Security.Cryptography.X509Certificates.X500DistinguishedName

SignatureAlgorithm : System.Security.Cryptography.Oid

Thumbprint : A57D2F0987E40F4A0BC7933D0B50801D5894000D

Version: 3

Handle : 491685424

Issuer : CN=szsoling-MAILSERVER-CA, DC=szsoling, DC=com

Subject: CN=szsoling-MAILSERVER-CA, DC=szsoling, DC=com

PSComputerName :

RunspaceId : 14d0a5b3-1231-429e-af2a-0494dda26f2f

AccessRules: {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcces

sRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKe

yAccessRule}

CertificateDomains : {mailserver, }

CertificateRequest :

IisServices: {}

IsSelfSigned : True

KeyIdentifier: E8E6107C74A9381A2254F4477C9A6662F028532B

RootCAType : None

Services : SMTP

Status : Valid

SubjectKeyIdentifier :

PrivateKeyExportable : False

PublicKeySize: 2048

ServicesStringForm : ....S.

Archived : False

Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptograph

y.Oid, System.Security.Cryptography.Oid}

FriendlyName : Microsoft Exchange

IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName

NotAfter : /5/25 21:52:04

NotBefore: /5/25 21:52:04

HasPrivateKey: True

PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider

PublicKey: System.Security.Cryptography.X509Certificates.PublicKey

RawData: {48, 130, 3, 25, 48, 130, 2, 1, 160, 3, 2, 1, 2, 2, 16, 61...}

SerialNumber : 3D8DB5D7BFF1909F499034A98446C6A2

SubjectName: System.Security.Cryptography.X509Certificates.X500DistinguishedName

SignatureAlgorithm : System.Security.Cryptography.Oid

Thumbprint : CCD8BE4EB8A0983FE18F2B1B1E0E0ADC8CFFD59B

Version: 3

Handle : 549400784

Issuer : CN=mailserver

Subject: CN=mailserver

===========================================

如果觉得《无法验证到服务器的安全证书 打开outlook提示…无法验证的安全证书……》对你有帮助，请点赞、收藏，并留下你的观点哦！