Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Add second domain to exchange 2007 certificate

Posted on 2012-09-18
1
Medium Priority
?
713 Views
Last Modified: 2012-09-18
Hi,

We have a exchange 2007 mail server (part of SBS 2008). I added a new accepted domain and given the users an new email address in the new domain. I also made the new email address primary.

Now I get the following error in the event log:
Microsoft Exchange could not find a certificate that contains the domain name mail.new-domain.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Send Connector with a FQDN parameter of mail.new-domain.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

I think I have to create a certificate for the new domain and enable the SMTP service for it. Or I can add the new domain to the existing certificate which is now used bij mail.old-domain.com.

I have tried to make a certificate request file (.csr) but i don't know how to get from there.

It has to be a self signed certificate.

All help is very welcome.

Regards,
M. Belali
0
Comment
Question by:PramoIT
1 Comment
 
LVL 18

Accepted Solution

by:
Sushil Sonawane earned 2000 total points
ID: 38409165
You can't add the domain name in existing certificate for that you have to reissue the certificate with multiple domain.

To create a self sign certificate please refer below links.

http://www.emailsecuritymatters.com/site/blog/best-practices/how-to-create-self-signed-ssl-certificate-exchange-2003-2007-2010-windows/

http://www.emailsecuritymatters.com/site/blog/best-practices/how-to-create-self-signed-ssl-certificate-exchange-2003-2007-2010-windows/

http://blogs.technet.com/b/andym/archive/2008/09/15/exchange-2007-create-self-signed-certificates.aspx

OR

Shell command for create self sing certificate :

New-ExchangeCertificate -SubjectName "c=US, o=abc Bank, cn=mail1.abc.com" -DomainName abc.com, example.com
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As much as Microsoft wants to kill off PST file support, just as they tried to do with public folders, there are still times when it is useful or downright necessary to export Exchange mailboxes to PST files. Thankfully, it is still possible to e…
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question