Link to home
Create AccountLog in
Avatar of sparkis
sparkis

asked on

Deleted Default (Internal) Exchange Cert

I just installed a new SAN Cert on a new installation of Exchange 2010 SP1 RU2. After I installed the Cert I removed the default cert created by exchange during installation. now getting error 12014. What do I do here to tell exchange to always use the san cert - although the internal FQDN is not listed on that SAN. Or do I have to recreate it and enable SMTP services?

Microsoft Exchange could not find a certificate that contains the domain name exchangeserver.mydomain.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Internet with a FQDN parameter of exchangeserver.mydomain.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

Thanks - SJMP
Avatar of Satya Pathak
Satya Pathak
Flag of India image

for this issue i would suggest you please go ahead and check the transport inbound and outbound connector.make sure both place FQDN are same .. if you are not using any smart host .

 
Avatar of sparkis
sparkis

ASKER

not using a smart host. I assume this error is because I removed the Cert that contained the FQDN for internal mail only. My SAN Cert does not contain the internal FQDN for my server.

All FQDN are correct on my transport send/receive connectors.

Do I need to re-create this internal Cert for internal mail? If so how and do I only need to enable SMTP service? Since this is related to SMTP TLS?

Thanks,
ASKER CERTIFIED SOLUTION
Avatar of sparkis
sparkis

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of sparkis

ASKER

this was the fix