Solved

Event ID 12014 Exchange 2007

Posted on 2013-06-10
Last Modified: 2013-06-12
Windows 2003 R2 Enterprise 64bit Server
Exchange 2007 Enterprise 64bit

After opening port 1025 for SMTP on my Exchange server, I am now getting this error:

Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      TransportService
Event ID:      12014
Date:            4/11/2013
Time:            6:00:36 PM
User:            N/A
Computer:      SERVER5
Description:
Microsoft Exchange could not find a certificate that contains the domain name mail.mydom.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector MYDOM Port 1025 with a FQDN parameter of mail.mydom.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


When I run get-exchangecertificate | fl I see many certificates,
some with a status of Valid and others invalid.
I attached the output for your review.


Question 1. Should all my certificates be valid?
Question 2. Are the invalid ones duplicates of the valid one?
Question 3. I see one certificate with the service SMTP as valid. Can I use that thumbprint
for the enable-certificate command?
Question 4. Should I enable-certificate all the invalid certificates?

I guess my real question is which thumbprint should I use?
exchangecertificate.txt
Question by:Thomas Grassi
Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 39234949
The error means that there is no SSL certificate matching the FQDN on the connector.
Did you create a new connector or modify an existing one?

You have two options, neither of which is what you have suggested.
1. Create a new self-signed SSL certificate using new-exchangecertificate and include the FQDN on the connector.

2. Change the FQDN on the connector to the server's real name. It will have no effect on email delivery, but will silence the error.

Simon.
0
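
A check for the mismatch described in the answer above, as an added example that is not part of the original thread: it compares each receive connector's FQDN with the domain names on certificates that are Valid and enabled for SMTP. It assumes the Exchange Management Shell on the transport server and does exact name matching only.

```powershell
# Added example. Run in the Exchange Management Shell on the transport server.
# Matching is exact and case-insensitive; wildcard names are not evaluated.

# Certificates usable for STARTTLS: status Valid and enabled for SMTP.
$smtpCerts = @(Get-ExchangeCertificate | Where-Object {
    $_.Status.ToString() -eq 'Valid' -and $_.Services.ToString() -match 'SMTP'
})

# Per the event text, a connector without an FQDN uses the computer's FQDN.
$hostFqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName

Get-ReceiveConnector | ForEach-Object {
    $connector = $_
    $fqdn = "$($connector.Fqdn)"
    if (-not $fqdn) { $fqdn = $hostFqdn }

    # Newest usable certificate whose domain list contains the connector FQDN.
    $match = $smtpCerts | Where-Object {
        @($_.CertificateDomains | ForEach-Object { $_.ToString() }) -contains $fqdn
    } | Sort-Object NotAfter -Descending | Select-Object -First 1

    $bindings = [string]::Join(', ', [string[]]@($connector.Bindings | ForEach-Object { "$_" }))

    $row = New-Object PSObject
    $row | Add-Member NoteProperty Connector $connector.Name
    $row | Add-Member NoteProperty Bindings  $bindings
    $row | Add-Member NoteProperty Fqdn      $fqdn
    if ($match) {
        $row | Add-Member NoteProperty Thumbprint $match.Thumbprint
        $row | Add-Member NoteProperty NotAfter   $match.NotAfter
        $row | Add-Member NoteProperty Result     'OK: certificate found for this FQDN'
    } else {
        $row | Add-Member NoteProperty Thumbprint $null
        $row | Add-Member NoteProperty NotAfter   $null
        $row | Add-Member NoteProperty Result     'No Valid SMTP certificate for this FQDN (expect Event ID 12014)'
    }
    $row
} | Format-List
```

A connector reported without a match needs one of the two fixes from the answer: a certificate that includes its FQDN, or an FQDN that an existing certificate already covers.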
 
Author Comment

by:Thomas Grassi
ID: 39235372
Simon

Thanks for responding

I created a new connector.
I have two NICs on the server: port 25 on NIC 1 and port 1025 on NIC 2.

Also, I noticed on the properties of the first connector, using port 25,
the FQDN is server05.our.network.mydom.com

On the second connector, for port 1025, the FQDN is mail.mydom.com

Should they both be the same?

Is that what you meant for number 2?
0
 
Author Comment

by:Thomas Grassi
ID: 39239940
Simon

After making the above change, for the people who send to port 1025 the SMTP email does not work; mail does not come in on that connector.

Changing the connector from mail.mydom.com to server05.our.network.mydom.com, which is the server's FQDN, stops mail coming in on port 1025.

I am not getting any errors on the Exchange server now, but email using port 1025 is not working.

Any ideas?
0
 
Expert Comment

by:Simon Butler (Sembee)
ID: 39240671
The FQDN would have nothing to do with the ability to receive email.
Have you checked that you can actually connect to the port? You will need to use telnet:

telnet host.example.com 1025

Having both connectors with the same FQDN will be fine - that is how they are configured out of the box.

Simon.
0
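
A scripted version of the telnet check above, as an added example that is not part of the original thread: it connects to the port, sends EHLO and reports whether the connector advertises STARTTLS. The function name and the EHLO name are hypothetical, and it assumes PowerShell 2.0 or later on any machine that can reach the server.

```powershell
# Added example; Get-SmtpCapability and the default EHLO name are hypothetical.
function Get-SmtpCapability {
    param([string]$HostName, [int]$Port = 25, [string]$HeloName = 'probe.example.test')

    $client = New-Object System.Net.Sockets.TcpClient
    $client.ReceiveTimeout = 10000            # milliseconds
    try {
        $client.Connect($HostName, $Port)
        $stream = $client.GetStream()
        $reader = New-Object System.IO.StreamReader($stream)
        $writer = New-Object System.IO.StreamWriter($stream)
        $writer.NewLine   = "`r`n"            # SMTP lines end in CRLF
        $writer.AutoFlush = $true

        # An SMTP reply can span lines: "250-" continues, "250 " ends it.
        $readReply = {
            $lines = @()
            do {
                $line = $reader.ReadLine()
                if ($line -eq $null) { break }
                $lines += $line
            } while ($line -match '^\d{3}-')
            ,$lines
        }

        $banner = & $readReply
        $writer.WriteLine("EHLO $HeloName")
        $ehlo = & $readReply
        $writer.WriteLine('QUIT')

        # Strip the reply code to get the bare capability keywords.
        $caps = @($ehlo | ForEach-Object { ($_ -replace '^\d{3}[- ]', '').Trim() })

        $result = New-Object PSObject
        $result | Add-Member NoteProperty Banner       ([string]::Join(' ', [string[]]$banner))
        $result | Add-Member NoteProperty Capabilities $caps
        $result | Add-Member NoteProperty StartTls     ($caps -contains 'STARTTLS')
        $result
    }
    finally {
        $client.Close()
    }
}

# Host name and port taken from the thread:
# Get-SmtpCapability -HostName mail.mydom.com -Port 1025 | Format-List
```

If StartTls is True and a sending program still fails, the client side has to be told to use STARTTLS, which is what the closing comment below found.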
 
Author Closing Comment

by:Thomas Grassi
ID: 39240842
Simon
Yes I was able to telnet to that port no problem.

I found, after debugging the email program I was using (Febootimail, a nice batch SMTP email program), that I had to add the STARTTLS parameter to the command line I was using.

Now it is working and I have not seen Event ID 12014 for a couple of days.

Having the New connector use the FQDN of the server did the job.
0
