[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Certificate error in app log

Posted on 2013-02-04
3
Medium Priority
?
339 Views
Last Modified: 2013-02-04
I keep getting this message is my application log even though I do not seem to be having any issues with SMTP traffic: Microsoft Exchange could not find a certificate that contains the domain name mail.xxxxxxxxxx.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector XXXXXXXXXX Send Connector with a FQDN parameter of mail.XXXXXXXXXX.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
Now when I go and loo at my certificates I have 5 in there, shouldn't there only be one in there to cover all the services?
Here is what I have in mine
1.Microsoft Exchange | True | The certificate is valid for Exchange Server usage | IMAP,POP,IIS,SMTP | CN=XXX-Exch1 | CN=XXX-Exch1 | 10/23/2017      
2.Microsoft Exchange | True | The certificate is valid for Exchange Server usage |  IMAP,POP,SMTP | CN-XXX-Exch1 | CN=XXX-Exch1 | 6/16/2017
3.Microsoft Exchange | True | The certificate is valid for Exchange Server usage | IMAP,POP,SMTP | CN=XXX-Exch1 | CN=XXX-Exch1 | 6/16/2017
4."no name" | True | The certificate is valid for Exchange Server usage | SMTP | CN=WMSvc-XXX-Exch1 | CN=WMSvc-XXX-Exch1 | 10/22/2017
5."no name" | True | The certificate is valid for Exchange Server usage | SMTP | CN=XXXX-XXX-Exch1-CA,DC=XXXXXX,DC=local |  CN=XXXX-XXX-Exch1-CA,DC=XXXXXX,DC=local |  10/1/2015
0
Comment
Question by:jrbower
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:jrbower
ID: 38851214
Also, the last certificate is the only one that is trusted! The rest all say "This CA Root Certificate is not trusted.To enable trust, install this certificate in the Trusted Root Certifications Authorities Store. Maybe I just need to be walk through this process. I cannot seem to get this to work.
0
 
LVL 3

Accepted Solution

by:
jamesaskham earned 2000 total points
ID: 38851285
This error is nothing to be concerned about. It is basically informing you that STARTTLS won't work for SMTP (for example, if you have IMAP users and want them to send securely via your Exchange server using SMTP), which is most cases won't matter.

To resolve this, you'll need to get yourself a Third Party SSL certificate, import it into your server and then enable it for SMTP. However, it's not a problem to ignore this error message (assuming you don't want to use secure SMTP).

You can get SSL certificates from lots of places, and there are plenty of guides available to install it (such as http://goo.gl/TCKUi).

Cheers

James
0
 

Author Closing Comment

by:jrbower
ID: 38851298
Thank you very much. I did not think it was too big of a concern, but I wanted to make sure. Of course I may still consider getting a SSL certificate. What about the certificates that are not in the trusted root authorization store?

Thanks,

John
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question