unable to create or edit certificates in exchange

For some reason there is no cert for the internal LAN FQDN exchange.domain.local so I'm trying to create one:
New-ExchangeCertificate -DomainName exchange.freefromhunger.office

but get an error:
[PS] C:\Documents and Settings\vn>New-ExchangeCertificate -DomainName exchange.freefromhunger.office
WARNING: An unexpected error has occurred and debug information is being generated: Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
New-ExchangeCertificate : Name 192.168.67.3 is not a valid DNS name.
Parameter name: names
At line:1 char:24
+ New-ExchangeCertificate  <<<< -DomainName exchange.freefromhunger.office


This machine is also the sole DC. It was made the DC a few months ago so maybe the DNS problem is because of that? I've checked dns via dcdiag /v /e /TEST:DNS and resolved the one error about the old DC still being listed as a Delegated server.

Any ideas on how to get a new cert in there? The error that I'm ultimately trying to resolve is:
Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      TransportService
Event ID:      12014
Date:            11/22/2010
Time:            10:58:02 AM
User:            N/A
Computer:      EXCHANGE
Description:
Microsoft Exchange couldn't find a certificate that contains the domain name Exchange.freefromhunger.office in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Intra-Organization SMTP Send Connector with a FQDN parameter of Exchange.freefromhunger.office. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.


Thanks!
Roman
dcheestAsked:
Who is Participating?
 
dcheestAuthor Commented:
Found that two of the other SMTP connectors had invalid FQDN's specified. Updated those to the internal FQDN and the command succeeded.
0
 
mittermuellerCommented:
Try taking the whole syntax. E.g.:  New-ExchangeCertificate -GenerateRequest -SubjectName "c=DE, o=test.de, cn=mail.test.de" -includeAutodiscover -IncludeAcceptedDomains -DomainName mail.test.de,XCHG-SRV,XCHG-SRV.intern.test.de -privatekeyexportable $true -Path c:\certrequest.txt
0
 
dcheestAuthor Commented:
Found the solution while waiting for a reply. Thanks anyways!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.