Our end users are receiving the following dialog box in Outlook which refers to an incorrect internal domain name (domain.internal).
No dialog box is received if using Outlook Anywhere.
Clicking on View Certificate shows the correctly installed SSL certificate using an internet domain name (domain.org.au).
Does the internal domain name need to be added to the SSL certificate? If so, how? Or is there another fix?
So clients within your network resolve your exchange server as exchsvr.internal via AD dns WHICH DOES NOT match the name on your certificate. The cert works for clients outside your network because the DNS name they use DOES match the certificate. You will have to convince your internal clients that they are connecting to your server as extdomain.org.au its been a while for me in exchange management but... I believe there are two ways of doing it.
Have your internal clients connect to the externally resolvable address of domain.org.au. You will have to use Exchange management console for that... and essentially what it does is tell your active directory attached machines that the server they want to auto connect to is no longer domain.internal I found the below here but do more homework before making such changes.
This last command is not required on Exchange 2010:
You can use the "get" version of the commands, for example get-ClientAccessServer -Identity exchange to see what the current setting is, and make a note of it first.
Depending on the configuration of our network, even if they use the external address it is not likely that the traffic would go out past your gateway, meaning it should not interfere with external internet speeds.