各位同胞,最近遇到一个棘手的问题,每次打开outlook均会提示以下信息:
==============================================
您连接到的服务器正在使用一个无法验证的安全证书。
已处理证书链,但是在不受信任提供程序信任的根证书中终止。
您想继续使用这个服务器吗?
==============================================
已经折磨几天了,无果。
操作环境:
服务端:
windows r2
exchange sp1
已经安装证书服务,并申请有证书
图片:exchange.jpg
客户端:
windows xp sp3
outlook express/outlook (POP方式收取才会出现,若采用exchange方式则正常,OWA下也正常)
===========================================
Get-exchangecertificate | fl *
PSComputerName :
RunspaceId : 14d0a5b3-1231-429e-af2a-0494dda26f2f
AccessRules: {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcces
sRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {, , , }
CertificateRequest :
IisServices: {IIS://mailserver/W3SVC/1}
IsSelfSigned : False
KeyIdentifier: 7994CFE1C86EDC91066A286F8E5947DBEF40D3A4
RootCAType : Registry
Services : IMAP, POP, IIS, SMTP
Status : Valid
SubjectKeyIdentifier : 7994CFE1C86EDC91066A286F8E5947DBEF40D3A4
PrivateKeyExportable : True
PublicKeySize: 2048
ServicesStringForm : IP.WS.
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptograph
y.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Crypt
ography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}
FriendlyName : ExchangeCA03
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : /7/12 9:14:33
NotBefore: /7/13 9:14:33
HasPrivateKey: True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey: System.Security.Cryptography.X509Certificates.PublicKey
RawData: {48, 130, 6, 32, 48, 130, 5, 8, 160, 3, 2, 1, 2, 2, 10, 26...}
SerialNumber : 1A1280990000000001AC
SubjectName: System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : A803006F27D069C9128FBF2F1E3796F0389AF790
Version: 3
Handle : 491683120
Issuer : CN=szsoling-MAILSERVER-CA, DC=szsoling, DC=com
Subject: CN=, OU=IT Dept., O="Shenzhen Soling Industrial Co.,LTD", L="Soling Industrial
Park,Fuming", S="Guanlan,Shenzhen,Guangdong", C=CN
PSComputerName :
RunspaceId : 14d0a5b3-1231-429e-af2a-0494dda26f2f
AccessRules: {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcces
sRule}
CertificateDomains : {szsoling-MAILSERVER-CA}
CertificateRequest :
IisServices: {}
IsSelfSigned : True
KeyIdentifier: 986798A783584779ABF00C2D3483A3148D722AE7
RootCAType : Registry
Services : None
Status : Valid
SubjectKeyIdentifier : 986798A783584779ABF00C2D3483A3148D722AE7
PrivateKeyExportable : True
PublicKeySize: 2048
ServicesStringForm : ......
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptograph
y.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}
FriendlyName :
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : /7/11 9:43:34
NotBefore: /7/11 9:33:36
HasPrivateKey: True
PrivateKey :
PublicKey: System.Security.Cryptography.X509Certificates.PublicKey
RawData: {48, 130, 3, 147, 48, 130, 2, 123, 160, 3, 2, 1, 2, 2, 16, 122...}
SerialNumber : 7A936307E156A5A6418B4347FCA38320
SubjectName: System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : A57D2F0987E40F4A0BC7933D0B50801D5894000D
Version: 3
Handle : 491685424
Issuer : CN=szsoling-MAILSERVER-CA, DC=szsoling, DC=com
Subject: CN=szsoling-MAILSERVER-CA, DC=szsoling, DC=com
PSComputerName :
RunspaceId : 14d0a5b3-1231-429e-af2a-0494dda26f2f
AccessRules: {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcces
sRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKe
yAccessRule}
CertificateDomains : {mailserver, }
CertificateRequest :
IisServices: {}
IsSelfSigned : True
KeyIdentifier: E8E6107C74A9381A2254F4477C9A6662F028532B
RootCAType : None
Services : SMTP
Status : Valid
SubjectKeyIdentifier :
PrivateKeyExportable : False
PublicKeySize: 2048
ServicesStringForm : ....S.
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptograph
y.Oid, System.Security.Cryptography.Oid}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : /5/25 21:52:04
NotBefore: /5/25 21:52:04
HasPrivateKey: True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey: System.Security.Cryptography.X509Certificates.PublicKey
RawData: {48, 130, 3, 25, 48, 130, 2, 1, 160, 3, 2, 1, 2, 2, 16, 61...}
SerialNumber : 3D8DB5D7BFF1909F499034A98446C6A2
SubjectName: System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : CCD8BE4EB8A0983FE18F2B1B1E0E0ADC8CFFD59B
Version: 3
Handle : 549400784
Issuer : CN=mailserver
Subject: CN=mailserver
===========================================
如果觉得《无法验证到服务器的安全证书 打开outlook提示…无法验证的安全证书……》对你有帮助,请点赞、收藏,并留下你的观点哦!