Exchange Certificate
We had a consultant set our exchange 2007 environment up and found that every site with an exchange mailbox server must have a hub and client access server (can all be on same server):1 main CAS server (all traffic comes in and goes out) this is where are certificate from a 3rd party sits2 mail server in the same locationIn outside location I have 3 other exchange 2007 servers that are mailbox, CAS and hub servers - again all inbound and outbound come thru my 1 CAS only serverProblem testing Office 2007 (outlook2007) and users with mailboxes stored on mailbox/hub and Cas servers are now receiving The certificate has expired and has the site servers name - so it is not using our 3rd party certificate.How do we fix this?
February 15th, 2010 10:22pm
It sounds like the self signed certificates on the non internet facing CAS servers have expired. They are only good for one year. You can verify this by using the Get-ExchangeCertificate cmdlet. If that is the case you can either renew the self signed certs, or issue new ones from an internal CA.
Free Windows Admin Tool Kit Click here and download it now
February 16th, 2010 1:33am
When you get the certificate warning, who does it say is the issuer? If you are using self-signed certificates, you will Probably have issues with OWA, Outlook Anywhere and ActiveSync as these do not play well with self-signed certs.If you have a PKI within the environment, you need to request a new cert using the new-ExchangeCertificate cmdlet. http://technet.microsoft.com/en-us/library/aa998327(EXCHG.80).aspxIf they are infact self-signed, check out http://exchangepedia.com/blog/2008/01/exchange-server-2007-renewing-self.html on how to renew.Casper Pieterse,
Principle Consultant - UC,
Dimension Data South Africa,
Microsoft Certified Master: Exchange 2007
February 16th, 2010 4:52pm