Hey everyone! We're about to install a new Exchange Server Edition, and we know there will be a certificate popup for Outlook clients because of the Service Connection Point (SCP) and the URLs pointing to the new server. We're advising users to click 'X' or 'No' on that popup. My question is, what actually happens if they click 'Yes'? Will it just fail and Outlook switch to using auto-discover to connect to Office 365, or could there be other outcomes? It's been ages since I've dealt with on-prem setups, so I could really use some clarity on this.
1 Answer
You can avoid the certificate issue pretty easily. There are a couple of things you can do:
1. On an operational server, have the `Set-ClientAccessService` cmdlet ready, so once your new server finishes installing, you can set its autodiscover URI to your main Exchange namespace immediately.
2. Alternatively, you could set up firewall rules to block all HTTPS traffic from client systems to the new Exchange server. If clients can’t connect, they won’t see that self-signed certificate warning!
That's a clever idea with the firewall! We might definitely give that a shot! We've already got all our URLs prepped in PowerShell, ready to run once the new Exchange is set up.