This can also happen if your send\receive connectors FQDN (specify
the fqdn this connector will provide in response to HELO or EHLO) does not
match your cert name as event indicates; but since you mentioned that it
expired; it’s probably related to that. James Chong 11130 Sunrise Valley Drive, Suite 300 Reston, VA 20191 From: James Chong Get-Exchangecertificate |FL You need to enable the cert that has your netbios name. The cert
needs to be valid and not expired. James Chong 11130 Sunrise Valley Drive, Suite 300 Reston, VA 20191 From:
exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On
Behalf Of Amit Kapoor Hi James, We are getting the below mentioned error in the event logs. Event
ID for this 12014 and Event Source is MSExchange Tranport. ============================================ Microsoft Exchange couldn't find a certificate that
contains the domain name <server name> in the personal store on the local
computer. Therefore, it is unable to support the STARTTLS SMTP verb for the
connector Outgoing with a FQDN parameter of <server name>. If the
connector's FQDN is not specified, the computer's FQDN is used. Verify the
connector configuration and the installed certificates to make sure that there
is a certificate with a domain name for that FQDN. If this certificate exists,
run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft
Exchange Transport service has access to the certificate key. ==========================================================
When I search for the list of certificates on the Hub server, it
shows me a long list of certificates. How do I check which certificate I had to
install or renew. Regards, Amit Kapoor From:
exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On
Behalf Of James Chong If you did not get a SAN cert that included your netbios
name, then yes. You need to run new-exchangecertificate to generate request;
upload to your CA server. Download the cert , import the cert, and enable the
cert for IMAP. James Chong 11130 Sunrise Valley Drive, Suite 300 Reston, VA 20191 From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx]
On Behalf Of Amit Kapoor Hi, We have exchange 2007 in out network. Few days back we have
renewed our SSL certificate on Exchange Servers at different sites, those were
purchased from Verisign. Everything was working fine, till few users reported
problem in connecting to mail server using IMAP, MAC, thunderbird etc. We have
checked on the server it is giving error for some internal self signed
certificate expiry. Do we need to re-install the self signed certificate for
SMTP as users are not able to send emails using the MAC, Thunderbird etc. Please suggest. Regards, Amit Kapoor DISCLAIMER: DISCLAIMER: |