Solved

Event ID 12014 in Event Viewer: Microsoft Exchange could not find a certificate

Posted on 2009-04-13
2
1,009 Views
Last Modified: 2012-05-06
I have the error:
Microsoft Exchange couldn't find a certificate that contains the domain name exchange.abm1.com in the personal store on the local computer. Therefore, it is unable to offer the STARTTLS SMTP verb for any connector with a FQDN parameter of exchange.abm1.com. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for every connector FQDN.
Source: MSExchangeTransport
Category: TransportService
Computer: Domain-Server

I made sure that the certificate is installed and the FQDN is valid. I'm pretty sure there is something wrong with the certificates, but I can't find the problem.  The FQDN as listed in Exchange is exchange.abm1.com.

My certificates on Exchange are:
CertificateDomains : {mail.abm1.com, exchange.abm1.com, abm1.com}
Services           : IMAP, POP, SMTP
Status             : Valid
Thumbprint         : 1DC8B47E01822682D8ABB0A0B138565E0F41D8A6

CertificateDomains : {domain-server.abm1.local}
Services           : SMTP
Status             : Valid
Thumbprint         : 16688F085DB111FAF419A7255967B6AF7C3CD020

CertificateDomains : {exchange.abm1.com, mail.abm1.com, abm1.com}
Services           : IMAP, POP, IIS, SMTP
Status             : Valid
Thumbprint         : 760F76432B00B3968BEF16D98751445354C20934

CertificateDomains : {mail.abm1.com, abm1.com}
Services           : None
Status             : Invalid
Thumbprint         : FB139ACC67FCD972AA3E74FE96A90D5D31D1A532

CertificateDomains : {mail.abm1.com, exchange.abm1.com, domain-server}
Services           : IMAP, POP
Status             : DateInvalid
Thumbprint         : EDC0224ABCAE5F0FDA90E811A15FB051FF51E84D

I am unable to send to a few domains, but I'm not sure if this is the cause or not.  Thanks!
0
Comment
Question by:BEKtech
2 Comments
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24133799
The first thing I would do is remove the invalid certificates. If they have expired there is no need to have them there.
You have two that are identical, are they both valid? Are they both from commercial providers? Ideally you want to be down to one, at most two certificates on the server.

If you change the FQDN on the Send Connector to one of the other names on the certificate and then restart the Transport Service, what happens then?

Also ensure that your RECEIVE connector FQDN is set to the server's own FQDN - so server.domain.local, not an alias name like mail.example.com (unless your server really is called mail.example.com).

Simon.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Find out what you should include to make the best professional email signature for your organization.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now