[ExchangeList] Re: SSL Certificate in Exchange 2007.

This can also happen if your send\receive connectors FQDN (specify the fqdn this connector will provide in response to HELO or EHLO) does not match your cert name as event indicates; but since you mentioned that it expired; it’s probably related to that.

 

 

 

Get-Exchangecertificate |FL

 

You need to enable the cert that has your netbios name. The cert needs to be valid and not expired.

 

 

 

Hi James,

 

We are getting the below mentioned error in the event logs. Event ID for this 12014 and Event Source is MSExchange Tranport.

============================================  

Microsoft Exchange couldn't find a certificate that contains the domain name <server name> in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Outgoing with a FQDN parameter of <server name>. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

==========================================================

 

 

When I search for the list of certificates on the Hub server, it shows me a long list of certificates. How do I check which certificate I had to install or renew.

 

Regards,

Amit Kapoor

 

 

If you did not get a SAN cert that included your netbios name, then yes. You need to run new-exchangecertificate to generate request; upload to your CA server. Download the cert , import the cert, and enable the cert for IMAP.

 

 

 

Hi,

 

We have exchange 2007 in out network. Few days back we have renewed our SSL certificate on Exchange Servers at different sites, those were purchased from Verisign. Everything was working fine, till few users reported problem in connecting to mail server using IMAP, MAC, thunderbird etc. We have checked on the server it is giving error for some internal self signed certificate expiry. Do we need to re-install the self signed certificate for SMTP as users are not able to send emails using the MAC, Thunderbird etc.

 

Please suggest.

 

Regards,

Amit Kapoor

 

DISCLAIMER:
This e-mail and any attachments to it may contain confidential and proprietary material and is solely for the use of the intended recipient. Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient. If you have received this transmittal in error, please notify the sender and destroy this e-mail and any attachments and all copies, whether electronic or printed.

 

DISCLAIMER:
This e-mail and any attachments to it may contain confidential and proprietary material and is solely for the use of the intended recipient. Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient. If you have received this transmittal in error, please notify the sender and destroy this e-mail and any attachments and all copies, whether electronic or printed.