• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 457
  • Last Modified:

MS Remote Connectivity Analyzer Exchange ActiveSynch test uses to old certificate

I recently migrated SBS 2003 (including Exchange 2008) to SBS 2011 using the Migration Wizard.  Almost everything went smoothly.  When I run the MS Remote Connectivity Analyzer to test Exchange ActiveSynch, it logs in and obtains the remote SSL certificate ok, but the certificate it obtains refers to the old SBS 2003 Server, not the new SBS 2011 server.

The error(s) ("Validating certificate name", "Validating SSL Certificate") all refer to the Remote Certificate as Subject: CN=mail.MyDomain.org, CN=companyweb, CN=OldServer, CN=localhost, CN=OldServer.CorrectDomain.local, Issuer: CN=mail.mydomain.org, CN=companyweb, CN=OldServer, CN=localhost, CN=OldServer.CorrectDomain.local.

I have purchased and installed a new Exchange Certificate from GoDaddy, assuming that it would replace the incorrect one, but it didn't.  I can't find this old certificate to remove or replace it.  I can't figure out where it is getting this certificate. Any suggestions?

Thanks
0
keyadvice
Asked:
keyadvice
  • 3
  • 2
1 Solution
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Did you just import the OLD certs without modfying them ??

Run the command
Get-Exchangecertficates also check with IIS

- Rancy
0
 
Alan HardistyCommented:
Did you redirect port 443 to your new server or is it still pointing to the old server?
0
 
keyadviceAuthor Commented:
Rancy:  Get-ExchangeCertificate refers to the correct certificate.  What do you mean 'check with IIS"?
 
AlanHardesty:  Port 443 points to the new server and the old server is offline anyway.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
Alan HardistyCommented:
To check the Cert - go to the Exchange Management Console and under Server Config you should see the certificate that is installed and active.

Is that the right one?
0
 
keyadviceAuthor Commented:
I discovered after more investigation that the old certificate had been installed in the firewall device ( before my time). It was then an easy fix to remove the certificate from there, and then the new cert was visible. I guess the lesson is to not make your assumptions about where a problem lies too narrow.
0
 
keyadviceAuthor Commented:
The problem was solved once the location of the old certificate was discovered.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now