I recently upgraded to exchange 2010. In front of exchange is a websense email server (WES) filtering spam. The Exchange connector is configured to relay mail to the WES server before it leaves the building. On the exchange server there is an error logged every few minutes:
ID 12014 - Microsoft Exchange could not find a certificate that contains the domain name wes.domain.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector WES with a FQDN parameter of wes.cunj.local. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
What should be listed under Exchange's send connector properties where it says "Specify the FQDN this connector will provide in response to HELO or EHLO:"?
Right now I have wes.domain.local which I'm thinking maybe should be the name of my mail record. Or perhaps I have that entirely wrong and the error indicates something else. Please let me know what you think, thanks!
http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Exchange&ProdVer=8.0&EvtID=12014&EvtSrc=MSExchangeTransport
http://support.microsoft.com/kb/555855