Solved

Send connector FQDN setting for Exchange 2010

Posted on 2013-01-02
4
3,261 Views
Last Modified: 2013-01-04
I recently upgraded to exchange 2010.  In front of exchange is a websense email server (WES) filtering spam.  The Exchange connector is configured to relay mail to the WES server before it leaves the building.  On the exchange server there is an error logged every few minutes:

ID 12014 -  Microsoft Exchange could not find a certificate that contains the domain name wes.domain.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector WES with a FQDN parameter of wes.cunj.local. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

What should be listed under Exchange's send connector properties where it says "Specify the FQDN this connector will provide in response to HELO or EHLO:"?

Right now I have wes.domain.local which I'm thinking maybe should be the name of my mail record.  Or perhaps I have that entirely wrong and the error indicates something else.  Please let me know what you think, thanks!
0
Comment
Question by:First Last
  • 2
4 Comments
 
LVL 19

Expert Comment

by:R--R
Comment Utility
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
Comment Utility
this error simply means that the name in your EHLO command is not present in the ssl certificate installed on your server, you can ignore this error but it is easy to fix
0
 
LVL 1

Author Comment

by:First Last
Comment Utility
@Akhater - Ok, I'm 99% sure that all I'd need to do is change the entry to the same address as my public mail record.  Sound right?
0
 
LVL 49

Expert Comment

by:Akhater
Comment Utility
ultimately it should be the same as your MX record yes
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Synchronize a new Active Directory domain with an existing Office 365 tenant
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now