Solved

Exchange 2007 - No email since adding SMTP service to SSL certificate

Posted on 2009-07-04
3
1,003 Views
Last Modified: 2012-05-07
I recently needed to add the SMTP service to our SSL certificate for use with OCS2007.
Now none of the email is getting through the Hub Transport. All roles are on the one server (we dont have an Edge Transport Server). I rebooted the server only to find ALL services are now assigned to the SSL certificate. The self signed cert is still there with the SMPT, IIS servides applied.
The SSL cert wal already applied to the IIS sites.
Running the Exchange analyser, it initially comes up with the Hub Trnasport role installed, but then comes up saying it cant find the Hub Trnasport when checking the queues. Have I missed a step somewhere?
Without building a new Hub Transport server elsewhere, what can I do. I can remove the certificates as Exchange complains that some services will not work . (Fair enough)
Thoughts appreciated...
0
Comment
Question by:riskyflier
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 2

Accepted Solution

by:
William Yang earned 500 total points
ID: 24777091
Did you get any 12014 error in event log?

If yes, it means the FQDN on SMTP receive connector does not match the one on the self-cert certificate.

You can try to fix it by:
1. check the FQDN on the receive connector. Make sure it is not configured to external FQDN.

2. Use the powershell command below to renew the self-cert and assign it for SMTP service.
New-ExchangeCertificate -SubjectName "CN=<server internal FQDN>" | Enable-ExchangeCertificate -Services "SMTP"
0
 

Author Comment

by:riskyflier
ID: 24777486
No such errors whatsoever in the event log. But I'll check the FQDN. From what I remember from yesterday it DID have the FQDN (external) configured on the receive connector.
Will let you know. Thx
0
 

Author Comment

by:riskyflier
ID: 24783974
Well, looking at the SAN certificate, it states invalid when running the Get-ExchangeCert command.
I think I'll follow your advise to renew the self cert...

Will let you know how it pans out.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Read this checklist to learn more about the 15 things you should never include in an email signature.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question