Solved

Exchange 2007 - Self.Signed Certificates

Posted on 2014-03-31
3
622 Views
Last Modified: 2014-04-22
I am trying to renew some certificates that expired.  They are self-signed certificates and I get this error message:

WARNING:  This certificate will not be used for external TLS Connections with an FQDN of 'NYABC.cortoso.com' because the CA-signed certificate with the thumbprint '67DE  xxx' takes precedence'.

Can someone explain what this means to me.  Should I proceed or just remove the certificate.EXCH
thanks
0
Comment
Question by:techgenious
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 41

Expert Comment

by:Adam Brown
ID: 39967984
You might already have a valid non-self signed certificate set up to run TLS on that server. Run get-exchangecertificate and find the one that has the thumbprint referenced there. Self-Signed certificates aren't generally recommended for use on Exchange servers, since they are only valid to computers that install the certificate as a trusted third party root cert. If you have a valid certificate installed and configured that was issued by a Third Party Root CA, exchange will utilize that instead of self-signed as long as it matches the FQDN set up on your send and receive connectors.
0
 

Accepted Solution

by:
techgenious earned 0 total points
ID: 39989621
If you have a valid certificate installed and configured that was issued by a Third Party Root CA, exchange will utilize that instead of self-signed as long as it matches the FQDN set up on your send and receive connectors.  

Can I remove the old one then if the above is true?

Thanks
0
 

Author Closing Comment

by:techgenious
ID: 40014350
excellent
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses
Course of the Month4 days, 23 hours left to enroll

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question