Posted on 2012-09-17
Last Modified: 2012-11-13
How to reslove below error

Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      TransportService
Event ID:      12014
Date:            15/09/2012
Time:            12:32:45 PM
User:            N/A
Computer:      BQUALSMX01
Microsoft Exchange could not find a certificate that contains the domain name bqualsmx01.bigfootgrp.corp.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default Receive Connecter with a FQDN parameter of bqualsmx01.bigfootgrp.corp.local. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

For more information, see Help and Support Center at
Question by:murugancbe
    LVL 2

    Expert Comment

    Microsoft have a known solution for this.

    1. Open "Exchange Management Shell".
    2. Write "get-ExchangeCertificate" and press on "Enter" button.
    3. Write down the Thumbprint of the certificate that reflect the required FQDN name of the server.
    4. Review the current certificate that use by the Exchange server and
             each certificate function.
    5. Write "Enable-ExchangeCertificate -Thumbprint 2afd26617915932ad096c48eb3b847fc7457662 -Services "SMTP"
           and press on 'Enter" button.
    •The value of -Thumbprint obtained in stage 3.

    6. Restart the Exchange server.

    LVL 15

    Accepted Solution

    When you install Exchange 2010 - it creates a self-signed SSL certificate.
    If you are planning to use Outlook Web App or ActiveSync to allow users to connect from the Internet it is generally recommended that you use a 3rd party and purchase an SSL certificate. Purchasing through a 3rd party means that when uses connect they will know it is a trusted certificate (if thier phone/browser supports that SSL chain. ) Most browsers and phone have the common SSL authorities built in.

    It seems like the self-signed certificate is having issues.
    You can open a MMC console and the certificate snap-in, you will be prompted with snap-in will be used to manage certificates for "My user account, Service account, Computer Account" - select the computer account. Then choose local acocunt ( run the mmc from your exchange server noted in the event log message) Then in the certificate store you can click on Personal - this is where you would typically see the self-signed certifiate Exchaneg created during the install.

    From the Exchange Management shell run
    get-ExchangeCertificate | fl

    cut and paste this respone into a file and save it.
    You will want to note the services running on it.

    Depending if you want a self-signed - follow the directions below or a 3rd party purchased ssl - follow directions at thier site.

    Create a New Exchange Certificate

    Hope this helps,

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Join & Write a Comment

    Easy CSR creation in Exchange 2007,2010 and 2013
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
    In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    24 Experts available now in Live!

    Get 1:1 Help Now