Found this article on Spiceworks and was very helpful to fix internal clients receiving certification warning messages from me switching to a 3rd party cert on the exchange server.
(Original Link: http://community.spiceworks.com/how_to/show/48384-outlook-the-name-of-the-security-certificate-is-invalid-or-does-not-match-the-name-of-the-site)
Issue: Outlook anywhere works fine with third party cert, but internal Outlook clients get cert error with NETBIOS name of Exchange server.
Note: I tested this on Exchange 2010 as well.
By default, the URL that is stored in these objects references the NetBIOS name of the server. For example, a URL that resembles the following URL is stored:
To resolve this issue, change the URLs for the appropriate Exchange 2007 components. To do this, follow these steps:
1.Start the Exchange Management Shell.
2.Change the Autodiscover URL in the Service Connection Point. The Service Connection Point is stored in the Active Directory directory service. To change this URL, type the following command, and then press Enter:
Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUrihttps://mail.contoso.com/autodiscover/autodiscover.xml
3.Change the InternalUrl attribute of the EWS. To do this, type the following command, and then press Enter:
Set-WebServicesVirtualDirectory -Identity “CAS_Server_NameEWS (Default Web Site)” -InternalUrlhttps://mail.contoso.com/ews/exchange.asmx
4.Change the InternalUrl attribute for Web-based Offline Address Book distribution. To do this, type the following command, and then press Enter:
Set-OABVirtualDirectory -Identity “CAS_Server_nameoab (Default Web Site)” -InternalUrl https://mail.contoso.com/oab
5. Change the InternalUrl attribute of the UM Web service. To do this, type the following command, and then press Enter:
Set-UMVirtualDirectory -Identity “CAS_Server_Nameunifiedmessaging (Default Web Site)” -InternalUrlhttps://mail.contoso.com/unifiedmessaging/service.asmx
Note The command in step 5 is required only in an Exchange 2007 environment. This command no longer exists in an Exchange 2010 environment. Instead, the WebServices URL is used for this purpose.
6.Open IIS Manager.
7.Expand the local computer, and then expand Application Pools.
8.Right-click MSExchangeAutodiscoverAppPool, and then click Recycle.