Skip to main content
Kofax

Exchange: "Server Access Error: The remote certificate is invalid according to the validation procedure" when testing the EWS connection

When testing the EWS connection of an Exchange Connector, the error message "The remote certificate is invalid according to the validation procedure" appears.

In the simulator or client software, the user may be prompted for a logon when there should be none, which would ultimately fail.

The certificate used in Exchange may not be trusted or is not matching the domain used in the EWS address.

Verify the following items:

  1. Check that the domain used in the URL is listed in the certificate under one of these two locations
    1. General > Issued to
    2. Details > Subject Alternative Name
  2. Use the EWS URL in Internet Explorer to see if the certificate is trusted by Windows. Examples below.
    1. https://mail.domain.com/EWS/Exchange.asmx
    2. https://mail.domain.com/owa
    3. https://mail.domain.com/Exchange
  3. Verify that the issuing certificates (usually a root and one or more intermediate certificates) are present and trusted in Windows.

Depending on what you find, you can resolve the problem by doing one of the following:

  1. Change the EWS URL to use a domain listed in the certificate Subject Alternative Name property.
  2. Ensure the certificate is trusted on Windows by adding Root and Intermediate domain certificates.
  3. Install the certificate into the Trusted Root Certificates Authority.
  4. The certificates may also need to be reissued with correct domain information.