Our Aastra and LG-Nortel Lync phones can't connect to EWS. Digging around in the clg2 logfile from the Aastra, I found that this is because it can't download autodiscover.xml.
The autodiscover url is found through the SRV record:
INFO :: NAutoDiscover::DnsAutodiscoverTask::PopulateAutodiscoverUrlsFromDnsSrv: DNS SRV for email domain, mysipdomain.nl, SRV record, _autodiscover._tcp.sipdomain.nl, succeeded. INFO :: NAutoDiscover::DnsAutodiscoverTask::PopulateAutodiscoverUrlsFromDnsSrv: SRV record found for record, _autodiscover._tcp.sipdomain.nl, value, autodiscover.mydomain.nl. INFO :: NAutoDiscover::DnsAutodiscoverTask::TryAutodiscoverUrls: Trying url, https://autodiscover.mydomain.nl/autodiscover/autodiscover.xml
But after this, for some reason, the process throws an error saying that the server is not trusted, resulting in the phone not being able to connect to EWS:
INFO :: DoesDomainMatchServer: DoesDomainMatchServer-no match(sipdomain.nl, autodiscover.mydomain.nl) INFO :: DoesDomainMatchServer: DoesDomainMatchServer-no match(outlook.com, autodiscover.mydomain.nl) INFO :: DoesDomainMatchServer: DoesDomainMatchServer-no match(lync.com, autodiscover.mydomain.nl)
INFO :: DoesDomainMatchServer: DoesDomainMatchServer, ret=1, (mydomain.nl, autodiscover.mydomain.nl) INFO :: NAutoDiscover::DnsAutodiscoverTask::TryAutodiscoverUrls: Server is autodiscover.mydomain.nl not trusted, hr=0x0. WARN :: NAutoDiscover::DnsAutodiscoverTask::PerformAutodiscovery: DNS autodiscover failed ERROR :: NAutoDiscover::AutodiscoverTaskBase::OnExecution: Autodiscovery failed. hr=0x80004005.
Resulting in the phone not being able to connect to EWS. As far as I know the certificate is not the issue, because this would generate a specific error starting with "NAutoDiscover::DnsAutodiscoverTask::TryAutodiscoverUrls: Exception with this url"
What could be the reason for the server not being trusted?