Users will receive this error if the certificate comes from an “untrusted” certificate authority. Usually a trusted third party certificate (Thawte, Geotrust, Verisign) will not generate this error but will cost money. If you are using Active Directory, you can create an internal certificate authority that your client computers will trust. The error message will go away then for internal clients, but users will still see errors if they use OWA on client computers outside of your network. There are a lot of considerations about certificates and CA’s. See my blog Certificates – who do YOU trust? for additional information.

In the IT trenches? So am I – read my IT-Trenches blog

We use Entrust they have a really nice Unified Communications Cert that is ideal for Exchange . link http://www.entrust.net/ssl-certificates/unified-communications.htm

Hi,
From the error message which you get while accessing OWA should be because of accessing OWA externally. Even though we use Exchange for internal mailflow, features like Outlook Anywhere, OWA and ActiveSync will fail if we access them since by default these application have an inbuilt certificate store where all the Certificate Authority are added. Since we use our own Windows CA which would not be in the store the clients will not function properly. Hence depending upon the usage of Exchange by external users we cna go about our issue. If the external users using Exchange 2007 is comparatively less then we can just send the certificate files to them and ask them to install it on their cleints either their laptop or be it their Mobiledevice. Also in this scenario ensure to have the Root Certificate installed on them as well. But as per Microsoft recommendations its better to use Thrid party UCC which would help our external clients as well.