?
Solved

Exchange TLS certificate expired

Posted on 2013-05-16
11
Medium Priority
?
1,114 Views
Last Modified: 2013-09-12
Hi Experts,

I have an issue where a security certificate expired the other day on our SBS server and i continually get this message in my event logs. I have followed the Microsoft article to renew the certificate with the same thumb print but the error still occurs.

I also have tried server restarts, importing the new certificate into the trusted certificate list but still the error appears.

It is an SBS 2008 server, please see below for full error message.

Source: MSExchangeTransport
Category: TransportService
Event ID: 12016
User (If Applicable): N/A
Computer: ExchangeServer.Domain.Local
Event Description: There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of remote.domain.com.au. The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the FQDN of remote.domain.com.au should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task.
Event Log Name: Application
Event Log Type: error


Look forward to reading your comments
0
Comment
Question by:isdd2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 26

Expert Comment

by:Tony J
ID: 39171416
0
 
LVL 4

Expert Comment

by:iammorrison
ID: 39171459
The main question is who is the CA? Is it self signed, internal CA or external CA?
0
 

Author Comment

by:isdd2000
ID: 39171498
Hi tony,
Yes I have tried importing the certificate into the sbs console.

Hi Jammorrison,
It's self assigned
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 4

Expert Comment

by:iammorrison
ID: 39171603
Do any of the certs that you have tried show up in either the excahnge console or in shell? And if they do show up, is it stating that there is no private key associated?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39171894
As this is SBS, if you don't want to use a commercial certificate, then just run the Configure my Internet Name wizard in the console. That will generate a new certificate.

Simon.
0
 

Author Comment

by:isdd2000
ID: 39384728
Will try that Sembee2
0
 

Author Comment

by:isdd2000
ID: 39469414
Hi guys,

Sorry I know this has been a long standing issue.

Sembee2: I cant find configure my internet name in the console.

Jammorrison: where is it in the console?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39469626
it is called setup your internet address, and is on the Network, Connectivity section.
Running fix my network should also resolve the issue.

Simon.
0
 

Author Comment

by:isdd2000
ID: 39482075
Hi Simon,

Will this effect our current configuration?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39488880
Shouldn't do. Just make sure that the settings are the same as what you have now.
Fix my network shouldn't change anything, but it depends what that tool finds.

Simon.
0
 

Author Closing Comment

by:isdd2000
ID: 39488912
Fix my network did not resolve this issue, re running setup internet address did after a server restart
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question