How to resolve App Evt Error 12016

I have been receiving the above (and 12015) App Evt errors on my Exchg 2K7 SP2 server. I have a valid CA cert (UCC) installed that doesn't expire until next year. Now, I did have an expired internal, self-signed TLS cert. Following the Evt suggestion, I went to http://technet.microsoft.com/en-us/library/aa998327.aspx and simply ran New-ExchangeCertificate in the EMShell and thought that would take care of it. I saw a new cert created in my Cert Console, yet I'm still getting the 12016 error. Any ideas how to resolve this? BTW...I hate dealing with certs! Mostly, cause I don't understand them fully in Exchg :)

Regards,
~coolsport00
LVL 40
coolsport00Asked:
Who is Participating?
 
AmitIT ArchitectCommented:
Hi Coolsport00,

Thanks for posting the event details. As you already mentioned your question that you have already tried  New-ExchangeCertificate command. Below article deals with same issue

http://forums.msexchange.org/m_1800511051/tm.htm

Here user used Enabled command to fix the issue.
0
 
AmitIT ArchitectCommented:
Please post the complete Event detail
0
 
Ahmed786Commented:
Follow below article it may help you.

http://support.microsoft.com/kb/555855
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
coolsport00Author Commented:
I don't have a program to wipe out some org-sensitive info, but this is what the Event says:

Date: 3/7/2011       Source: MSExchangeTransport
Time: 8:16:12 AM    Category: TransportService
Type: Error              Event ID: 12016
User: N/A
Computer: MyExchgServer

"There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of MyExchgServer.myorg.com. The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the fQDN of MyExchgServer.myorg.com should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task.

For more information, see Help and Support Center at: http://go.microsoft.com/twlink/events.asp"

I forgot to mention in my orig post that I did restart the MS Transport service after I ran the New-ExchangeCertificate cmdlet.

"Ahmed786"...wrong event.

Regards,
~coolsport00
0
 
coolsport00Author Commented:
I recall (now) that cmdlet being needed to run (deal with certs on Exchg so rarely). I ran it, restarted my Transport service and waited to see if it resolved my Events....it didn't resolve it. Gosh, I'm stumped!
0
 
coolsport00Author Commented:
I think (maybe) what I also needed to do was "remove" the old cert? So, what I did was:
http://technet.microsoft.com/en-us/library/aa997569(EXCHG.80).aspx

It's been about 15mins and I haven't seen the Event to this point. Gonna wait a bit longer to see if it returns...
0
 
AmitIT ArchitectCommented:
Ya, I was reading your question again was thinking for the same. That removing old CA could be the fix, as they are expired and u don't need them...
0
 
coolsport00Author Commented:
Haven't seen the 'event' reoccur the remainder of the morning. Gonna go ahead and close. Thanks for taking the time to assist "amitkulshrestha".

Regards,
~coolsport00
0
 
coolsport00Author Commented:
So, for others that use internal TLS/SMTP Exchange 2K7 certs, to resolve the App Event 12016, do the following:

1. Simply run:
New-ExchangeCertificate
2. Implement', by running:
Enable-ExchangeCertificate -Thumbprint NumberOfCertJustGenerated -Services "IMAP, POP, SMTP" (you can add IIS here, but for me I use a different CA cert for that)
3. Remove expired cert:
Remove-ExchangeCertificate -Thumbprint NumberOfThumbprintOfExpiredCert

Hope that helps. Thanks for the assistance!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.