Solved

Exchange 2007 errors, how to solve?

Posted on 2010-08-29
4
854 Views
Last Modified: 2012-05-10
This is using Windows 2003 ad domain, with 2 exchange 2007 servers. Only one exch server - exch003 is join ad domain, holds 3 roles - CA, Mailbox, and hub transport. The other one is edge transport server - exch002. Recently, found that there is some delay for mail sending internally and externally. 3 major errors were found in application log in exch003 server:

   1. Source:MsexchangeSA
       EventID: 9513

       Microsoft Exchange System attendant reported an error '0x80072020' when sending DS notificaiton.

    2. Source: MsExchangeTransport
        EventID: 12019

        The remote internal transport certificate expired. Certificate subject: cn=exch002

    3. Source: MsExchangeTransport
        EventID: 12014


What's went wrong? How to solve it?
0
Comment
Question by:Balack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 6

Expert Comment

by:craig_j_Lawrence
ID: 33555839
Hi Balack,

from the information posted it appears that the certuficate on your edge server has expired. Here is an article to describe how to update your certificate: http://msmvps.com/blogs/andersonpatricio/archive/2009/10/02/how-to-renew-the-self-signed-certificate-using-exchange-2010.aspx

Hope that helps

Craig
0
 
LVL 2

Accepted Solution

by:
greenasp earned 500 total points
ID: 33555848
It expires every year, this is how to issue a new cert...... it is easy..

First open up the exchange shell and type the command Get-ExchangeCertificate | List

This will show the current certificate and you can see the expiry date of it

Create a new certificate with the command
New-ExchangeCertificate
It will prompt to overwrite SMTP, say Yes

Now if you run
Get-ExchangeCertificate | List
You will see both certificates listed. They each have a thumbprint which is their unique identifier.

You will also see that the old certificate is still being used for IIS.

Enable the new certificate for IIS with the command
Enable-ExchangeCertificate -Thumbprint (new certificate's thumprint) -Service IIS

Now remove the old certificate
Remove-ExchangeCertificate -Thumbprint (old certificate's thumbprint)

And you're done
0
 

Author Comment

by:Balack
ID: 33556835
Hi greenasp,

After renewing all the certs, will it run into the ms outlook certificate error issue?
0
 

Author Closing Comment

by:Balack
ID: 33698000
Good
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question