Solved

Send connector FQDN setting for Exchange 2010

Posted on 2013-01-02
4
3,516 Views
Last Modified: 2013-01-04
I recently upgraded to exchange 2010.  In front of exchange is a websense email server (WES) filtering spam.  The Exchange connector is configured to relay mail to the WES server before it leaves the building.  On the exchange server there is an error logged every few minutes:

ID 12014 -  Microsoft Exchange could not find a certificate that contains the domain name wes.domain.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector WES with a FQDN parameter of wes.cunj.local. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

What should be listed under Exchange's send connector properties where it says "Specify the FQDN this connector will provide in response to HELO or EHLO:"?

Right now I have wes.domain.local which I'm thinking maybe should be the name of my mail record.  Or perhaps I have that entirely wrong and the error indicates something else.  Please let me know what you think, thanks!
0
Comment
Question by:First Last
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 38739431
this error simply means that the name in your EHLO command is not present in the ssl certificate installed on your server, you can ignore this error but it is easy to fix
0
 
LVL 1

Author Comment

by:First Last
ID: 38739847
@Akhater - Ok, I'm 99% sure that all I'd need to do is change the entry to the same address as my public mail record.  Sound right?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 38739865
ultimately it should be the same as your MX record yes
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question