The problem, and the reason I am posting this topic, is for those users that are out of the office presently, are instead of being prompted that there is a problem with the website certificate and being able to continue to the website anyway, are instead receiving a page that says navigation to the web page cancelled, or DNS not reachable error messages.
For one of the users that is a bit more tech savvy than the others, I had remove the old ssl certificates, clear ssl state, and he was able to connect while getting the ssl error message, I have sent him the exported certificates to see if after installing them the error either re-appears, or not, and have not heard back again yet. I tried the same method with the others over the phone, had them remove the old certificates, clear ssl state, but when they browse to the page receive the error messages still.
I thought at first this was a problem with her particular ISP, however, she is able to browse other webpages without any issues. I have checked and triple checked our DNS data, and everything is configured properly in terms of having an A record, MX record etc. for our mail server, incoming mail works properly, outgoing as well. With testing everything, I came across a site that allowed me to traceroute to my mail server, and from about 50%+ of the locations I tested the trace from, the traceroute stops after getting to a particular router on my ISPs network, but on the others in the test, the same router is passing the traffic as it should be. Even had the problem occur within the ISPs own DSL network, but now that seems to be corrected, however is still stopping for most locations outside their network at the same router. When I contacted my ISP tech support, with the info about it having the problem from their own dsl network, is when they got that corrected, however, is still having problems from outside for some reason.
In some of the tests, it seemed like Firefox was able to connect to the site, however it seems that IE7 is not consistently able to. If it were just a firefox vs. IE issue, I would typically choose Firefox myself, but the outlook web access does not display properly on firefox, and so I am needing to get the problem corrected so it works from all connections with IE properly. Is IE7 just really that stupid that it will not display the SSL certificate error message in some conditions, or is my problem likely just the routing issue with my ISP?
The thing of it is, the new certificate was put up mid last week, nobody reported problems with the OWA until early this week...I am thinking there is a mix of problems that are the root cause, but so far what seems to fix one users issue, has not worked on the others, and I am plain and simply out of ideas. Fortunately, the majority of our users do not use OWA, however the ones that do, have totally inconcistent issues with it this week. I have also been unable to replicate the problem internally, any time I load the old certificate, since I have it saved here, I always manage to get the ssl error message to come up.
If anyone has encountered a similar problem, please please please help me out with it! I do not wish to post the IP/mail server URL here in view of the general public, but if you would be interested in helping with troubleshooting, send me a private message and I could send the info necessary.
Thank You,
David