Exchange 2007
Currently getting an error with StartTLS SMTP. Unable to locate a valid certificate. Here is my Get-ExchangeCertificate output. It indicates my certs are invalid. there are also two on here that are expired.
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {www.domain.com, domain.com, exch.domain.net, autodiscover.domain.com, webmail.domain.com, mail.domain.com, autodiscover.domain.net}
CertificateRequest :
IisServices : {IIS://exch/W3SVC/1}
IsSelfSigned : False
KeyIdentifier : xxxxxxxxxxxxxxxxxxxxxxxx
RootCAType : Unknown
Services : IMAP, POP, IIS, SMTP
Status : Invalid
PrivateKeyExportable : True
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, Syste
m.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 3/4/2016 11:43:05 AM
NotBefore : 2/26/2015 3:14:40 PM
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 5, 166, 48, 130, 4, 142, 160, 3, 2, 1, 2, 2, 8, 70...}
SerialNumber : XXXXXXXXXXXXXXXXXXXXXXX
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Version : 3
Handle : 509608784
Issuer : CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Subject : CN=www.domain.com, OU=Domain Control Validated
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {www.domain.com}
CertificateRequest : XXXXXXXXXXX
IisServices : {}
IsSelfSigned : True
KeyIdentifier : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
RootCAType : Unknown
Services : None
Status : Invalid
PrivateKeyExportable : True
Archived : False
Extensions : {}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 2/26/2016 8:53:48 PM
NotBefore : 2/26/2015 2:53:48 PM
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 2, 81, 48, 130, 2, 62, 160, 3, 2, 1, 2, 2, 16, 134...}
SerialNumber : XXXXXXXXXXXXXXXXXXXXXXXXXX
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Version : 3
Handle : 509601504
Issuer : CN=www.domain.com, O=Company Intl., S=California, L=Irvine, C=US
Subject : CN=www.domain.com, O=Company Intl., S=California, L=Irvine, C=US
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {mail.domain.com}
CertificateRequest : XXXXXXXXXXXXXXXXXXX
IisServices : {}
IsSelfSigned : True
KeyIdentifier : XXXXXXXXXXXXXXXXXXXXXX
RootCAType : Unknown
Services : None
Status : Invalid
PrivateKeyExportable : True
Archived : False
Extensions : {}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 2/26/2016 8:49:38 PM
NotBefore : 2/26/2015 2:49:38 PM
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 2, 83, 48, 130, 2, 64, 160, 3, 2, 1, 2, 2, 16, 181...}
SerialNumber : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Version : 3
Handle : 509602800
Issuer : CN=mail.domain.com, O=Company Intl., S=California, L=Irvine, C=US
Subject : CN=mail.domain.com, O=Company Intl., S=California, L=Irvine, C=US
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {www.domain.com}
CertificateRequest : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
IisServices : {}
IsSelfSigned : True
KeyIdentifier : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
RootCAType : Unknown
Services : None
Status : Invalid
PrivateKeyExportable : False
Archived : False
Extensions : {}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 2/24/2012 7:57:09 PM
NotBefore : 2/24/2011 1:57:09 PM
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 2, 81, 48, 130, 2, 62, 160, 3, 2, 1, 2, 2, 16, 38...}
SerialNumber : XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Version : 3
Handle : 509601104
Issuer : CN=www.domain.com, O=Company International, S=CA, L=Irvine, C=US
Subject : CN=www.domain.com, O=Company International, S=CA, L=Irvine, C=US
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {www.domain.com}
CertificateRequest : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
IisServices : {}
IsSelfSigned : True
KeyIdentifier : XXXXXXXXXXXXXXXXXXXXXXXXXXXX
RootCAType : Unknown
Services : None
Status : Invalid
PrivateKeyExportable : False
Archived : False
Extensions : {}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 2/24/2012 7:56:13 PM
NotBefore : 2/24/2011 1:56:13 PM
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 2, 81, 48, 130, 2, 62, 160, 3, 2, 1, 2, 2, 16, 178...}
SerialNumber : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Version : 3
Handle : 509602944
Issuer : CN=www.domain.com, O=Company International, S=CA, L=Irvine, C=US
Subject : CN=www.domain.com, O=Company International, S=CA, L=Irvine, C=US
Any help would be appreciated.