SBS 2008: Troubleshooting - "Target Principal Name is Incorrect" certificate error in Outlook 2007 when connecting to either POP3 or IMAP4

After configuring Outlook 2007 to connect to SBS 2008 using either POP3 or IMAP4 with TLS, you receive a certificate error when initiating a connection. “The server you are connected to is using a security certificate that cannot be verified. The target principal name is incorrect. Do you want to continue using this server?” This […]

After configuring Outlook 2007 to connect to SBS 2008 using either POP3 or IMAP4 with TLS, you receive a certificate error when initiating a connection.

“The server you are connected to is using a security certificate that cannot be verified.
The target principal name is incorrect.
Do you want to continue using this server?”

This error is not fatal. If you choose “Yes”, the connection will continue successfully and securely. You will not receive this prompt again until you close and reopen Outlook 2007.  This error does not occur with earlier versions of Outlook, Outlook Express, or Windows Mail.

The problem is due to the order in which the DNS names are listed in the Subject Alternative Name field on the SBS 2008 self-signed certificate, and the way that Outlook 2007 reads this field. The first DNS name in the list does not match the server’s public FQDN (Fully Qualified Domain Name). Outlook 2007 reads only the first DNS name, and then compares it to the name of the POP, IMAP, or SMTP server that it is configured to connect to. The two names do not match.

Full Article

Source:→ Microsoft