Autodiscover - Internal and External

Hi,

I am currently in the process of migrating from Exchange 2003 to 2010.  I have setup the Exchange 2010 server and have a few users using it.

We have noticed that there are issues with meeting requests, etc - which points to the autodicover feature not working.  I have used the Microsoft analyser to test and it has failed with the following:

Test Steps

The Microsoft Connectivity Analyzer is attempting to test Autodiscover for user@domain.co.uk.   Testing Autodiscover failed.   Additional Details   Elapsed Time: 9786 ms.   Test Steps   Attempting each method of contacting the Autodiscover service.   The Autodiscover service couldn't be contacted successfully by any method.   Additional Details   Elapsed Time: 9786 ms.   Test Steps   Attempting to test potential Autodiscover URL https://domain:443/Autodiscover/Autodiscover.xml   Testing of this potential Autodiscover URL failed.   Additional Details   Elapsed Time: 1306 ms.   Test Steps   Attempting to resolve the host name domain.co.uk in DNS.   The host name resolved successfully.   Additional Details Testing TCP port 443 on host domain.co.uk to ensure it's listening and open.   The port was opened successfully.   Additional Details Testing the SSL certificate to make sure it's valid.   The SSL certificate failed one or more certificate validation checks.   Additional Details   Test Steps   The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server domain on port 443.   The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.   Additional Details Validating the certificate name.   Certificate name validation failed.    <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl00_ctl00_ctl02_ctl01_tmmArrow">Tell me more about this issue and how to resolve it</label>   Additional Details   Host name domain doesn't match any name found on the server certificate CN=ssl4.lon.gb.securedata.net, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=2082430109. Elapsed Time: 0 ms. Attempting to test potential Autodiscover URL https://autodiscover.domain:443/Autodiscover/Autodiscover.xml   Testing of this potential Autodiscover URL failed.   Additional Details   Elapsed Time: 6605 ms.   Test Steps   Attempting to resolve the host name autodiscover.domain.co.uk in DNS.   The host name resolved successfully.   Additional Details Testing TCP port 443 on host autodiscover.domain.co.uk to ensure it's listening and open.   The port was opened successfully.   Additional Details Testing the SSL certificate to make sure it's valid.   The certificate passed all validation requirements.   Additional Details   Test Steps   The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.domain.co.uk on port 443.   The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.   Additional Details Validating the certificate name.   The certificate name was validated successfully.   Additional Details Certificate trust is being validated.   The certificate is trusted and all certificates are present in the chain.   Test Steps   The Microsoft Connectivity Analyzer is attempting to build certificate chains for certificate CN=*.domain.co.uk, OU=Domain Control Validated.   One or more certificate chains were constructed successfully.   Additional Details Analyzing the certificate chains for compatibility problems with versions of Windows.   Potential compatibility problems were identified with some versions of Windows.   Additional Details   The Microsoft Connectivity Analyzer can only validate the certificate chain using the Root Certificate Update functionality from Windows Update. Your certificate may not be trusted on Windows if the "Update Root Certificates" feature isn't enabled. Elapsed Time: 1 ms. Testing the certificate date to confirm the certificate is valid.   Date validation passed. The certificate hasn't expired.   Additional Details Checking the IIS configuration for client certificate authentication.   Client certificate authentication wasn't detected.   Additional Details Attempting to send an Autodiscover POST request to potential Autodiscover URLs.   Autodiscover settings weren't obtained when the Autodiscover POST request was sent.   Additional Details   Test Steps Attempting to contact the Autodiscover service using the HTTP redirect method.   The attempt to contact Autodiscover using the HTTP Redirect method failed.   Additional Details   Elapsed Time: 1372 ms.   Test Steps   Attempting to resolve the host name autodiscover.domain.co.uk in DNS.   The host name resolved successfully.   Additional Details Testing TCP port 80 on host autodiscover.domain.co.uk to ensure it's listening and open.   The specified port is either blocked, not listening, or not producing the expected response.    <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl00_ctl02_ctl01_tmmArrow">Tell me more about this issue and how to resolve it</label>   Additional Details   A network error occurred while communicating with the remote host. Elapsed Time: 1367 ms. Attempting to contact the Autodiscover service using the DNS SRV redirect method.   The Microsoft Connectivity Analyzer failed to contact the Autodiscover service using the DNS SRV redirect method.   Additional Details   Elapsed Time: 336 ms.   Test Steps   Attempting to locate SRV record _autodiscover._tcp.domain.co.uk in DNS.   The Autodiscover SRV record wasn't found in DNS.    <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl00_ctl03_ctl00_tmmArrow">Tell me more about this issue and how to resolve it</label>   Additional Details   Elapsed Time: 336 ms. Checking if there is an autodiscover CNAME record in DNS for your domain 'domain.co.uk' for Office 365.   Failed to validate autodiscover CNAME record in DNS. If your mailbox isn't in Office 365, you can ignore this warning.    <label for="testSelectWizard_ctl12_ctl06_ctl00_ctl00_ctl04_tmmArrow">Tell me more about this issue and how to resolve it</label>   Additional Details   There is no Autodiscover CNAME record for your domain 'domain.co.uk'. Elapsed Time: 160 ms.

A few things to mention with my current setup:

Exchange server installed on Windows 2008r2 server, certificate installed is a wildcard, OWA and Outlook mobile app working. 

In my internal DNS, I have created a Zone for my external domain (i.e domain.co.uk) and have A records for Autodiscover pointing to my internal Exchange server ip.  On my external DNS, I have the same record but pointing to the External address of my Exchange server.  I have not created a SRV or CNAME in either DNS zones.

Finally - The analyser fails with a certificate I do not recognise. It states the following " CN=ssl4.lon.gb.securedata.net, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)15, OU=2082430109"

I purchased my certificate via go-daddy.

Any help would so be appreciated