I just purchased and installed my new Exchange certificate. Because internal domain names will be banned in 2015, I ordered a cert with only 2 names: mail.external.com and autodiscover.external.com. My internal domain is different, so I had to use split DNS for the external email name to resolve to the internal IP.
Installation went fine, I tested various access methods, all cool.
Then I opened the event viewer and now I get this:
Event 12014, MSExchangeTransport
Microsoft Exchange could not find a certificate that contains the domain name EXCHANGE.internal.co.uk in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default Exchange with a FQDN parameter of EXCHANGE.internal.co.uk. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
Not a single article regarding the new approach to certificates mentioned the problem.
How can I fix it?
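
The check that event 12014 asks for ("Verify the connector configuration and the installed certificates"), as an added example that is not part of the original post: it reports each connector whose effective FQDN is not covered by any SMTP-enabled certificate. The function names are hypothetical, the sample objects are constructed from the names in the post, and the property names (`Fqdn`, `CertificateDomains`, `Services`, `Thumbprint`) are assumed to match what `Get-ReceiveConnector` and `Get-ExchangeCertificate` return.

```powershell
# Added example: find connectors whose FQDN no SMTP-enabled certificate covers.
function Test-NameCoveredBy {
    param([string]$Fqdn, [string]$CertDomain)
    if ($CertDomain.StartsWith('*.')) {
        # A wildcard covers exactly one extra label: *.example.com matches mail.example.com only.
        $suffix = $CertDomain.Substring(1)   # ".example.com"
        if (-not $Fqdn.EndsWith($suffix, [System.StringComparison]::OrdinalIgnoreCase)) { return $false }
        $label = $Fqdn.Substring(0, $Fqdn.Length - $suffix.Length)
        return ($label.Length -gt 0 -and -not $label.Contains('.'))
    }
    return [string]::Equals($Fqdn, $CertDomain, [System.StringComparison]::OrdinalIgnoreCase)
}

function Get-ConnectorCertGap {
    param($Connectors, $Certificates, [string]$ComputerFqdn)
    # Only certificates enabled for the SMTP service can be used for STARTTLS.
    $smtpCerts = @($Certificates | Where-Object { "$($_.Services)" -match 'SMTP' })
    foreach ($conn in $Connectors) {
        # Per the event text: if the connector's FQDN is not set, the computer's FQDN is used.
        $name = "$($conn.Fqdn)"
        if ([string]::IsNullOrEmpty($name)) { $name = $ComputerFqdn }
        $match = $smtpCerts | Where-Object {
            @($_.CertificateDomains | Where-Object { Test-NameCoveredBy $name "$_" }).Count -gt 0
        } | Select-Object -First 1
        New-Object PSObject -Property @{
            Connector  = "$($conn.Identity)"
            Fqdn       = $name
            Covered    = [bool]$match
            Thumbprint = $(if ($match) { $match.Thumbprint } else { $null })
        }
    }
}

# Constructed sample mirroring the post. On a real server, pass the output of
# Get-ReceiveConnector and Get-ExchangeCertificate plus the server's FQDN instead.
$connectors = @(New-Object PSObject -Property @{
    Identity = 'EXCHANGE\Default Exchange'; Fqdn = 'EXCHANGE.internal.co.uk' })
$certs = @(New-Object PSObject -Property @{
    Thumbprint = 'PLACEHOLDER-THUMBPRINT'; Services = 'IIS, SMTP'
    CertificateDomains = @('mail.external.com', 'autodiscover.external.com') })
Get-ConnectorCertGap -Connectors $connectors -Certificates $certs -ComputerFqdn 'EXCHANGE.internal.co.uk'
```

A row with `Covered` set to false identifies a connector that will log event 12014, because no certificate in the set carries the name the connector presents.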