Hi, I need advice. I have a new third-party certificate, which is properly applied to Exchange and works well. I, however, still get a lot of warning events in event viewer. I would like to eliminate these events. The thumbprint referred to in the event log is for a self-signed certificate that is no longer on the personal store. What is the best practice for self-signed certificate when one has a third-party certificate applied? The complete text: Microsoft Exchange could not load the certificate with thumbprint of 1DB2367A782C8433A20E6C2EA2A1AAE78297CF3A from the personal store on the local computer. This certificate was configured for authentication with other Exchange servers. Mail flow to other Exchange servers could be affected by this error. If the certificate with this thumbprint still exists in the personal store, run Enable-ExchangeCertificate 1DB2367A782C8433A20E6C2EA2A1AAE78297CF3A -Services SMTP to resolve the issue. If the certificate does not exist in the personal store, restore it from backup by using the Import-ExchangeCertificate cmdlet, or create a new certificate for the FQDN or the server enabled for SMTP by running the following command: New-ExchangeCertificate -DomainName serverfqdn -Services SMTP. Meanwhile, the certificate with thumbprint 2CC3530E19B124B8EF944E6EBA6963B1AC557316 is being used. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event ID 12023, Transport service, sorce: MsExchangeTransport

Hi, Did you see this KB for same issue : http://technet.microsoft.com/en-us/library/bb232032(EXCHG.80).aspx Anil

Hi Anil, This is an irritant more than a hindrance. As explained, the third-party certificate is fine. I created a new certificate as highlighted, without any arguments. Meanwhile, the certificate with thumbprint 2CC3530E19B124B8EF944E6EBA6963B1AC557316 is being used. That is due to the new self-signed certificate I created. My get-exchange certificate output 2CC3530E19B124B8EF944E6EBA6963B1AC557316 ....S CN=ws1.saide.org.za 78D73390EDB545B95A8B59326D90FA6FE34DF775 IP.WS E=postmaster@saide.org.... Whys is it still reporting an error on the old self-signed certificate, when I have a new self-signed certificate that's enabled for SMTP?