[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

problem with exchange certificate expiration

Posted on 2011-04-28
5
Medium Priority
?
783 Views
Last Modified: 2012-05-11
I am receiving an alert that a certificate on my hub transports is expiring, when I ran get-exchangecertificates, the cert in question showed a Status of DateInvalid, as shown below. How can i fix this? Thank you.

NotAfter           : 3/20/2011 2:52:53 PM
NotBefore          : 3/20/2009 2:22:55 PM
RootCAType         : ThirdParty
Services           : IMAP, POP, SMTP
Status             : DateInvalid
0
Comment
Question by:cyberleo2000
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:J P
ID: 35487627
hey mate, according to he output, that certificate is showing as expired [3/20/2011], you should get a new one to replace it
0
 

Author Comment

by:cyberleo2000
ID: 35492428
I understand that, what I don't understand is the DATEINVALID status. Other expired certs show a status of INVALID. I would like to know the difference. Thanks.
0
 
LVL 6

Expert Comment

by:J P
ID: 35498998
a status code of DATEINVALID literally means either the certifcate has expired or the date on the machine is past the certificate date

a status code of INVALID can be for other reasons also, an example would be the certificate chain cannot be validated or is not trusted
0
 

Author Comment

by:cyberleo2000
ID: 35505299
Ok, I understand, thank you. This brings up another question. There are 5 certs on my hub transport. Only 2 of them have a status of valid. One lists IMAP, POP and IIS after Services and the other lists IMAP, POP and SMTP.

Does this mean I can delete the other 3? Since they are invalid, they are no doing anything, correct?
0
 
LVL 6

Accepted Solution

by:
J P earned 2000 total points
ID: 35709733
some certificates can still be utilised by services even though expired/invalid
if there are no complaints/issues around these invalid certificates, it doesnt hurt to keep them
normally when considering a tidyup, i would tend to export uneeded certificates and then remove
that way there is a backup copy for reference later on if required
cheers
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question