Solved

Event ID 12014 Exchange 2007

Posted on 2013-06-10
5
468 Views
Last Modified: 2013-06-12
Windows 2003 R2 Enterprise 64bit Server
Exchange 2007 Enterprise 64bit

After opening port 1025 for smtp on my exchange server

I am now getting this error

Event Type:      Error
Event Source:      MSExchangeTransport
Event Category:      TransportService
Event ID:      12014
Date:            4/11/2013
Time:            6:00:36 PM
User:            N/A
Computer:      SERVER5
Description:
Microsoft Exchange could not find a certificate that contains the domain name mail.mydom.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector MYDOM Port 1025 with a FQDN parameter of mail.mydom.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


When I run get-exchangecertificate | fl   I see many certificates
Some with a status of Valid and others invalid.
I attached the output for your review.


Question 1. Should all my certificates be valid?
Question 2. Are the invalid ones duplicates of the valid one?
Question 3. I see one certificate with the service SMTP as valid can I use that thumbprint
for the enable-certificate command
Question 4. Should I enable-certificate all the invalid certificates?

I guess my real question is which thumbprint should I use?
exchangecertificate.txt
0
Comment
Question by:Thomas Grassi
  • 3
  • 2
5 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
The error means that there is no SSL certificate matching the FQDN on the connector.
Did you create a new connector or modify an existing one?

You have two options, neither of which are what you have suggested.
1. Create a new self signed SSL certificate using new-exchangecertificate and include the FQDN on the connector.

2. Change the FQDN on the connector to the server's real name. It will have no effect on email delivery, but will silence the error.

Simon.
0
 
LVL 23

Author Comment

by:Thomas Grassi
Comment Utility
Simon

Thanks for responding

I created a new Connector
I have two nics on the server port 25 on Nic 1 and port 1025 on nic 2

Also I noticed on the properties of the first connector using port 25
the fqdn is server05.our.network.mydom.com

on the second connector for port 1025 the fqdn is mail.mydom.com

should they both be the same?

Is that what you meant for number 2?
0
 
LVL 23

Author Comment

by:Thomas Grassi
Comment Utility
Simon

After making the above change now the people who send to port 1025 the smtp email does not work mail does not come in on that connector.

changing the connector from mail.mydom.com to server05.our.network.mydom.com which is the servers FQDN stops mail coming in on port 1025.

I am not getting any errors on the exchange server now but email using port 1025 is not working.

Any idas?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
The FQDN would have nothing to do with the ability to receive email.
Have you checked that you can actually connect to the port? You will need to use telnet:

telnet host.example.com 1025

Having both connectors with teh same FQDN will be fine - that is how they are configured out of the box.

Simon.
0
 
LVL 23

Author Closing Comment

by:Thomas Grassi
Comment Utility
Simon
Yes I was able to telnet to that port no problem.

I found after debugging the email program I was using (Febootimail) nice batch smtp email program. I had to add STARTTLS parameter to the command line I was using.

Now it is working and I have not seen Event ID 12014 for a couple of days.

Having the New connector use the FQDN of the server did the job.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now