Solved

unable to create or edit certificates in exchange

Posted on 2010-11-22
3
1,347 Views
Last Modified: 2012-06-21
For some reason there is no cert for the internal LAN FQDN exchange.domain.local so I'm trying to create one:
New-ExchangeCertificate -DomainName exchange.freefromhunger.office

but get an error:
[PS] C:\Documents and Settings\vn>New-ExchangeCertificate -DomainName exchange.freefromhunger.office
WARNING: An unexpected error has occurred and debug information is being generated: Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
New-ExchangeCertificate : Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
At line:1 char:24
+ New-ExchangeCertificate  <<<< -DomainName exchange.freefromhunger.office


This machine is also the sole DC. It was made the DC a few months ago so maybe the DNS problem is because of that? I've checked dns via dcdiag /v /e /TEST:DNS and resolved the one error about the old DC still being listed as a Delegated server.

Any ideas on how to get a new cert in there? The error that I'm ultimately trying to resolve is:
Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      TransportService
Event ID:      12014
Date:            11/22/2010
Time:            10:58:02 AM
User:            N/A
Computer:      EXCHANGE
Description:
Microsoft Exchange couldn't find a certificate that contains the domain name Exchange.freefromhunger.office in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Intra-Organization SMTP Send Connector with a FQDN parameter of Exchange.freefromhunger.office. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.


Thanks!
Roman
0
Comment
Question by:dcheest
  • 2
3 Comments
 
LVL 5

Expert Comment

by:mittermueller
ID: 34192053
Try taking the whole syntax. E.g.:  New-ExchangeCertificate -GenerateRequest -SubjectName "c=DE, o=test.de, cn=mail.test.de" -includeAutodiscover -IncludeAcceptedDomains -DomainName mail.test.de,XCHG-SRV,XCHG-SRV.intern.test.de -privatekeyexportable $true -Path c:\certrequest.txt
0
 

Accepted Solution

by:
dcheest earned 0 total points
ID: 34192175
Found that two of the other SMTP connectors had invalid FQDN's specified. Updated those to the internal FQDN and the command succeeded.
0
 

Author Closing Comment

by:dcheest
ID: 34221295
Found the solution while waiting for a reply. Thanks anyways!
0

Featured Post

Too many email signature changes to deal with?

Are you constantly being asked to update your organization's email signatures? Do they take up too much of your time? Wouldn't you love to be able to manage all signatures from one central location, easily design them and deploy them quickly to users. Well, you can!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now