Solved

unable to create or edit certificates in exchange

Posted on 2010-11-22
3
1,362 Views
Last Modified: 2012-06-21
For some reason there is no cert for the internal LAN FQDN exchange.domain.local so I'm trying to create one:
New-ExchangeCertificate -DomainName exchange.freefromhunger.office

but get an error:
[PS] C:\Documents and Settings\vn>New-ExchangeCertificate -DomainName exchange.freefromhunger.office
WARNING: An unexpected error has occurred and debug information is being generated: Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
New-ExchangeCertificate : Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
At line:1 char:24
+ New-ExchangeCertificate  <<<< -DomainName exchange.freefromhunger.office


This machine is also the sole DC. It was made the DC a few months ago so maybe the DNS problem is because of that? I've checked dns via dcdiag /v /e /TEST:DNS and resolved the one error about the old DC still being listed as a Delegated server.

Any ideas on how to get a new cert in there? The error that I'm ultimately trying to resolve is:
Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      TransportService
Event ID:      12014
Date:            11/22/2010
Time:            10:58:02 AM
User:            N/A
Computer:      EXCHANGE
Description:
Microsoft Exchange couldn't find a certificate that contains the domain name Exchange.freefromhunger.office in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Intra-Organization SMTP Send Connector with a FQDN parameter of Exchange.freefromhunger.office. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.


Thanks!
Roman
0
Comment
Question by:dcheest
  • 2
3 Comments
 
LVL 5

Expert Comment

by:mittermueller
ID: 34192053
Try taking the whole syntax. E.g.:  New-ExchangeCertificate -GenerateRequest -SubjectName "c=DE, o=test.de, cn=mail.test.de" -includeAutodiscover -IncludeAcceptedDomains -DomainName mail.test.de,XCHG-SRV,XCHG-SRV.intern.test.de -privatekeyexportable $true -Path c:\certrequest.txt
0
 

Accepted Solution

by:
dcheest earned 0 total points
ID: 34192175
Found that two of the other SMTP connectors had invalid FQDN's specified. Updated those to the internal FQDN and the command succeeded.
0
 

Author Closing Comment

by:dcheest
ID: 34221295
Found the solution while waiting for a reply. Thanks anyways!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question