Apple Mac Safari unable to open Exchange Server 2010 Outlook Web App with certificate error

Problem

You’ve received complaints from Mac users that they then attempt to launch Exchange Server 2010’s Outlook Web App, the following prompt is displayed:

The website “webmail.someDomain.bm” requires a client certificate.

This website requires a certificate to validate your identity. Select the certificate to use when you connect to this website, and then click Continue.

com.apple.idms.appid.prd.4e37636a…

image

Solution

While I can’t definitively claim whether the following is the right solution but what solved this issue for my client’s MAC users was to change the EWS to allow Basic Authentication:

image

You will still need to manually delete the certificate on the Mac’s keychain but unlike leaving Basic Authentication off, the certificate will not come back in a few days.

Note that this contradicts the default settings as shown in the following TechNet article:

Default Settings for Exchange Virtual Directories
http://technet.microsoft.com/en-us/library/gg247612.aspx