Monday, December 31, 2012

Renew Self Signed Exchange 2007 Certificate Event ID:12014

Event:

Event Type: Error
Event Source: MSExchangeTransport
Event Category: TransportService
Event ID: 12014
Date: 01/01/2013
Time: 8:43:32 AM
User: N/A
Computer: HUBCASSERVER
Description:
Microsoft Exchange couldn't find a certificate that contains the domain name HUBCASSERVER.COM in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Exchange-Surf Control with a FQDN parameter of HUBCASSERVER.COM. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Solution:
http://exchangepedia.com/2008/01/exchange-server-2007-renewing-the-self-signed-certificate.html

On the Hub/CAS server where the event is being logged, list the installed certificates:
Get-ExchangeCertificate | fl

Note the services the certificate is enabled for (by default: POP, IMAP, IIS, SMTP on CAS + HT servers). Copy the thumbprint of the certificate.

Then generate a new certificate from the existing one:

Get-ExchangeCertificate -thumbprint "E2D4E11BC8982D76301CAC7D09E38308BC23AF46" | New-ExchangeCertificate


If the existing certificate is being used as the default SMTP certificate, you will get a confirmation prompt. The default SMTP certificate is used to encrypt SMTP sessions between transport servers in your organization.


The new certificate is generated and enabled. Examine the new certificate:

Get-ExchangeCertificate -thumbprint "<thumbprint of new certificate>" | fl

Once the new certificate is in place, remove the old one:

Remove-ExchangeCertificate -thumbprint "E2D4E11BC8982D76301CAC7D09E38308BC23AF46"
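
The check the event text asks for ("verify the connector configuration and the installed certificates"), as an added example that is not part of the original post: for each connector it reports whether an SMTP-enabled certificate covering the connector's FQDN exists and is still valid. The 30-day warning window and all variable names are assumptions; the script only reads configuration. Run it in the Exchange Management Shell on the Hub/CAS server.

```powershell
$warnDays  = 30   # assumption: reporting window, not from the original post
$now       = Get-Date
$localFqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName

# SMTP-enabled certificates with a private key in the local personal store
$smtpCerts = @(Get-ExchangeCertificate | Where-Object {
    $_.HasPrivateKey -and ($_.Services.ToString() -match 'SMTP')
})

# Receive connectors on this server plus the organization's send connectors
$connectors  = @(Get-ReceiveConnector -Server $env:COMPUTERNAME)
$connectors += @(Get-SendConnector)

foreach ($c in $connectors) {
    # Per event 12014: if the connector's FQDN is not set, the computer's FQDN is used
    $fqdn = "$($c.Fqdn)"
    if (-not $fqdn) { $fqdn = $localFqdn }

    # Certificates whose domain list covers this FQDN (-like also matches *.domain entries)
    $matching = @($smtpCerts | Where-Object {
        @($_.CertificateDomains | Where-Object { $fqdn -like "$_" }).Count -gt 0
    })

    # Of those, keep the ones inside their validity period and pick the longest-lived
    $valid = @($matching | Where-Object { $_.NotBefore -le $now -and $_.NotAfter -gt $now })
    $best  = $valid | Sort-Object NotAfter -Descending | Select-Object -First 1

    if ($matching.Count -eq 0) { $state = 'MISSING' }      # no certificate names this FQDN
    elseif (-not $best)        { $state = 'EXPIRED' }      # named, but outside validity period
    elseif ($best.NotAfter -lt $now.AddDays($warnDays)) { $state = 'EXPIRING' }
    else                       { $state = 'OK' }

    # One report row per connector (PowerShell 1.0 compatible object construction)
    $row = "" | Select-Object Connector, Fqdn, State, Thumbprint, NotAfter
    $row.Connector = "$($c.Identity)"
    $row.Fqdn      = $fqdn
    $row.State     = $state
    if ($best) {
        $row.Thumbprint = $best.Thumbprint
        $row.NotAfter   = $best.NotAfter
    }
    $row
}
```

Rows in the MISSING or EXPIRED state are the connectors that cannot offer STARTTLS; EXPIRING rows are candidates for the renewal steps above before the event starts being logged.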
