Exchange Autodiscover service is a very nice feature but you may run into issues with certificate errors or warnings if you don't have the URL's setup correctly.

For my lab environment I purchased an SSL Certificate for my public domain: mail.datawan.net. I decided to use a split DNS configuration where I would use the same URL for both internal and external access.  This allows me to use one certificate for both internal and external access. This certificate works perfectly for ActiveSync and OWA services.  But when setting up Outlook clients I always received an error about the certificate name not matching.  I started by first looking at the settings under:

Microsoft Exchange On-Premises > Server Configuration > Client Access

I made sure to update the same URL for all the tabs below by double clicking and setting the InternalURL and ExternalURL to the same setting.  For POP3 and IMAP4 just make sure that the URL for X.509 certificate name (under Authentication tab) is using the external URL.  See Figure 1:

After doing this I started Outlook 2010 and still received the error message.  After some searching around I found that there are a few other places where I would need to update the URL's but this time you have to use PowerShell.  Start up the Exchange Management Shell and take a look at the following settings:

Get-ClientAccessServer | fl identity, autodiscoverserviceinternaluri

Get-WebServicesVirtualDirectory |fl identity,internalurl,externalurl

If you see the wrong URL in any of the output for InternalURL or ExternalURL you can fix it by using the following commands:

Set-ClientAccessServer -Identity EXCHSERVERNAME -AutoDiscoverServiceInternalUri https://mail.yourdomain.com/Autodiscover/Autodiscover.xml

Set-WebServicesVirtualDirectory -Identity "EXCHSERVERNAME\EWS (Default Web Site)" -InternalUrl https://mail.yourdomain.com/EWS/Exchange.asmx

There are other settings you could configure but the above settings should fix the certificate not matching on the name.  Keep in mind you will have to create a zone for your internal DNS servers for your external domain and point to internal IP Address for the services.