Certificate Problem on Exchange 2007 (URGENT HELP)
On the event viewer i get this error message. Exchange 2007 is not sending or reciving mails due to this issue. I dont have a certificate authority. I tried to use my own certificate authority for the local use. The certificate creates a problem so i removed the CA role. The exchange was working perfectly before this issue. After the CA everything stopes. Microsoft Exchange couldn't find a certificate that contains the domain name "xxx.yyy.www.et" in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector InternetConn with a FQDN parameter of "xxx.yyy.www.et". If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key. Please HELP
June 29th, 2010 6:06pm

The lack of a correctly named certificate should not affect the sending or receiving of email and this message is not telling you anything different. "Dawitta2006" wrote in message news:c3552359-dfa5-42b3-bdc4-085741760e23... On the event viewer i get this error message. Exchange 2007 is not sending or reciving mails due to this issue. I dont have a certificate authority. I tried to use my own certificate authority for the local use. The certificate creates a problem so i removed the CA role. The exchange was working perfectly before this issue. After the CA everything stopes. Microsoft Exchange couldn't find a certificate that contains the domain name "xxx.yyy.www.et" in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector InternetConn with a FQDN parameter of "xxx.yyy.www.et". If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key. Please HELP Mark Arnold, Exchange MVP.
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2010 6:20pm

But all the configurations on Exchange are correct. The send and receive connectors are configured correctly. The server stops functioning after i install the certificate authority and install certificate. Is there any way to stop the server 2008 from remembering the certificate. The above message appeares after i remove the CA. I also removed IIS and Exchange 2007 and reinstall it. But the message continues to appear.
June 29th, 2010 6:57pm

Hi, Are you getting the error with event id 12014 if yes than follow these steps. 1. Open "Exchange Management Shell ". 2. Write "get-ExchangeCertificate " and press on "Enter " button. 3. Write down the Thumbprint of the certificate that reflect the required FQDN name of the server. 4. Review the current certificate that use by the Exchange server and each certificate function. 5. Write "Enable-ExchangeCertificate -Thumbprint 2afd26617915932ad096c48eb3b847fc7457662 -Services "SMTP" and press on 'Enter " button. The value of -Thumbprint obtained in stage 3. 6. Restart the Exchange server. I hope this will work for you. Regards. Shafaquat Ali.M.C.I.T.P Exchange 2007/2010, M.C.I.T.P Windows Server 2008, M.C.T.S OCS Server 2007 R2
Free Windows Admin Tool Kit Click here and download it now
June 29th, 2010 7:55pm

Hi, Have you tried the steps provided by Shafaquat? If the issue persists, I recommend you remove all existing certificates: Step 1: ============ 1. Open EMS, run Get-ExchangeCertificate |FL to get the Thumbprint of the certificate. 2. Run Remove-ExchangeCertificate -Thumbprint <> to remove the certificate. Step 2: ========== Then request a new certificate from your local CA for exchange. Please refer the following thread: http://social.technet.microsoft.com/Forums/en-US/exchangesvrsecuremessaging/thread/37cf60b4-c31f-49aa-9068-ae5934af8950 If you do not want to use local CA, you can create a exchange self-signed certificate by the following command: New-ExchangeCertificate More information, please see the following article: http://technet.microsoft.com/en-us/library/aa998327(EXCHG.80).aspx
June 30th, 2010 1:11pm

dont use microsoft certificate authority services for generating exchange certificates. it will stop email sending/recieving as i was personally face this situation. just follow the process of shafquat and thomas-lin remove all existing certificates and install new one using exchange shell..
Free Windows Admin Tool Kit Click here and download it now
July 7th, 2010 11:09pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics