Download Domains – CVE-2021-1730 – issue with missing SAN certificate?
Hi gents,
I have Exchange 2019 with almost recent patch installed Version 15.2 (Build 1544.4)
Few months ago I configured required steps to mitigate CVE-2021-1730 and it worked for sure. Now customer reported that during OWA browsing while attempting to download attachment, he’s getting an error about unsafe connection ( certificate error occurs when trying to retrieve attachments).
In details while clicking on the attachment, default OWA name is redirected from the default url webmail.domain.com to the attachments.webmail.domain.com. Then the error is showing up about the certificate “net::ERR_CERT_COMMON_NAME_INVALID”.
Currently for OWA site there is attached dedicated certificate with *.domain.com.
The url for download domain (internally and externally) is pointing through CNAME url attachments.webmail.domain.com.
The name of the domain is included in certificate SAN entry, but it’s for whole domain *.domain.com, not explicitly for attachments.webmail.domain.com.
Is it possible that despite having an asterisk in the certificate domain name, a dedicated SAN name is required?
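An added example, not code from the poster or from Exchange: a hostname matcher implementing the wildcard rule from RFC 6125 section 6.4.3 that browsers apply (a `*` is honoured only as the entire left-most label and stands for exactly one DNS label), run against a SAN list constructed to resemble the certificate described above. It shows that `*.domain.com` covers `webmail.domain.com` but not `attachments.webmail.domain.com`, and that adding either `attachments.webmail.domain.com` or `*.webmail.domain.com` to the SAN list closes the gap; the SAN lists and hostnames are assumptions built from the names in the post.

```python
"""Certificate name matching as browsers do it (RFC 6125 s6.4.3 wildcard rule)."""


def wildcard_matches(cert_name: str, hostname: str) -> bool:
    """Return True if a CN/SAN dNSName entry covers hostname."""
    cert_name = cert_name.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in cert_name:
        return cert_name == hostname
    cert_labels = cert_name.split(".")
    host_labels = hostname.split(".")
    # Only a bare '*' as the whole left-most label is accepted; partial
    # wildcards (w*.domain.com) and deeper wildcards (*.*.domain.com) are not.
    if cert_labels[0] != "*" or "*" in cert_name[2:]:
        return False
    # Refuse wildcards that would cover a whole TLD, e.g. '*.com'.
    if len(cert_labels) < 3:
        return False
    # The '*' stands for exactly one label, so label counts must be equal:
    # '*.domain.com' has 3 labels, 'attachments.webmail.domain.com' has 4.
    if len(host_labels) != len(cert_labels):
        return False
    return host_labels[1:] == cert_labels[1:]


def covering_name(san_names, hostname):
    """Return the first SAN entry that covers hostname, or None if no entry does."""
    for name in san_names:
        if wildcard_matches(name, hostname):
            return name
    return None


# Constructed SAN lists (assumptions): the current certificate, and one
# extended with an entry for the download domain.
CURRENT_SANS = ["*.domain.com", "domain.com"]
FIXED_SANS = CURRENT_SANS + ["attachments.webmail.domain.com"]

if __name__ == "__main__":
    for sans in (CURRENT_SANS, FIXED_SANS):
        print("SAN entries:", sans)
        for host in ("webmail.domain.com", "attachments.webmail.domain.com"):
            match = covering_name(sans, host)
            verdict = f"covered by {match}" if match else "NOT covered (name mismatch)"
            print(f"  {host}: {verdict}")
```

A wildcard entry `*.webmail.domain.com` would cover the download host the same way, while `*.domain.com` never can, whichever CNAME the name resolves through.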