Link to home
Start Free TrialLog in
Avatar of TuscarawasCountyAdmin
TuscarawasCountyAdmin

asked on

The Exchange Certificate will expire warning

On reboot of my server in the application log I get the following warning from the Source MSExchange Web Services.

The exchange certificate
cn=ServerA.domain

Issuer
cn=ServerA.domain


Serial number
###

Not Before
Install date of server

Not After
1 year from install date of server

Thumbprint
####

will expire on  (1 year from install date of server).

This certificate was issued by this server.  When a Get-ExchangeCertificate command is run I do not see the above listed certificate. When I check the EMC I see two certificates one issued by digicert and one issued by "Federation"; neither of which have that expiration date.  Where else can I find this certificate that is giving the error?
Avatar of isaman07
isaman07
Flag of Canada image

Launch internet explorer on your exchange server, tools---> internet options--->Content--->certificates
Check under trusted root certification authority and intermediate if you can find it. If the issuer is your exchange server itself you can safely delete that certificate, since your exchange already has other valid certificates used by IIS.
Avatar of TuscarawasCountyAdmin
TuscarawasCountyAdmin

ASKER

Sorry, I forgot to state that I had already done that also and there is nothing listed with the same expriation date or even close to it.
Check if there are any certificates applied by a GPO in active directory.
There are none.
ASKER CERTIFIED SOLUTION
Avatar of isaman07
isaman07
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Ah ha!  I found the certificate in there.  It is labelled temp.  I also see the two other certificates, my cert issued by digicert and the one by federation.  Is it safe to delete this temp certificate?  It must have been created by the vendor when our exchange server was installed.
Yes, it is safe, as long as you don't see it used in your EMC. But try to copy it just to be on the safe side.