Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1494
  • Last Modified:

unable to create or edit certificates in exchange

For some reason there is no cert for the internal LAN FQDN exchange.domain.local so I'm trying to create one:
New-ExchangeCertificate -DomainName exchange.freefromhunger.office

but get an error:
[PS] C:\Documents and Settings\vn>New-ExchangeCertificate -DomainName exchange.freefromhunger.office
WARNING: An unexpected error has occurred and debug information is being generated: Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
New-ExchangeCertificate : Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
At line:1 char:24
+ New-ExchangeCertificate  <<<< -DomainName exchange.freefromhunger.office


This machine is also the sole DC. It was made the DC a few months ago so maybe the DNS problem is because of that? I've checked dns via dcdiag /v /e /TEST:DNS and resolved the one error about the old DC still being listed as a Delegated server.

Any ideas on how to get a new cert in there? The error that I'm ultimately trying to resolve is:
Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      TransportService
Event ID:      12014
Date:            11/22/2010
Time:            10:58:02 AM
User:            N/A
Computer:      EXCHANGE
Description:
Microsoft Exchange couldn't find a certificate that contains the domain name Exchange.freefromhunger.office in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Intra-Organization SMTP Send Connector with a FQDN parameter of Exchange.freefromhunger.office. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.


Thanks!
Roman
0
dcheest
Asked:
dcheest
  • 2
1 Solution
 
mittermuellerCommented:
Try taking the whole syntax. E.g.:  New-ExchangeCertificate -GenerateRequest -SubjectName "c=DE, o=test.de, cn=mail.test.de" -includeAutodiscover -IncludeAcceptedDomains -DomainName mail.test.de,XCHG-SRV,XCHG-SRV.intern.test.de -privatekeyexportable $true -Path c:\certrequest.txt
0
 
dcheestAuthor Commented:
Found that two of the other SMTP connectors had invalid FQDN's specified. Updated those to the internal FQDN and the command succeeded.
0
 
dcheestAuthor Commented:
Found the solution while waiting for a reply. Thanks anyways!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now