Solved

MSExhangeTransport ERror 12014 on Exchange 2010

Posted on 2014-04-02
6
386 Views
Last Modified: 2014-04-23
I recently renewed our SSL cert for our Exchange Server 2010 and everything is working fine. However I have been receiving Error 21014 in the Event Viewer Application Log consistently. When I look up the error on Microsoft's website it shows how to fix this. See Microsofts Event Viewer Details below

Microsoft Exchange could not find a certificate that contains the domain name orsc-email2.orsurety.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Outbound MXLOGIC Mail with a FQDN parameter of orsc-email2.orsurety.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

I verified that the services configured are assigned properly.

I'm not sure if I should run the "Enable-ExchangeCertificate - Services  b/c they are already added. Any help would be appreciated
0
Comment
Question by:donebert
  • 3
  • 2
6 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39972744
Does the host name listed appear in your SSL certificate?
If not, have you changed your SEND Connector to match the name that does appear on the SSL certificate?

I see this all the time and the easiest fix is to run

new-exchangecertificate

(no switches or other options).
That will generate a new internal SSL certificate for just TLS/SMTP traffic. When you run that command you will get a prompt about replacing the default SMTP certificate. Accept that and then restart transport.

Simon.
0
 
LVL 25

Expert Comment

by:-MAS
ID: 39972748
Do you have self signed certificate?
If that is creating this error you can ignore easily
0
 
LVL 1

Author Comment

by:donebert
ID: 39972852
MAS - I do have a self signed ssl cert thru godaddy.

Simon - When you say host name your talking about the Exchange server name correct? Because on the cert shows 1 of our External DNS A records.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 1

Author Comment

by:donebert
ID: 39972859
When I goto the Personal Certificates It shows the godaddy as well as 2 others. The 2 others being the hostname of the server. When I view those certs it says This CA Root certificate is not trusted. install cert in truested root certification authorities store. Not sure if those need to be there
0
 
LVL 1

Author Comment

by:donebert
ID: 39972864
I look in the cert trusted root authority and I do not see my host name at all
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39973643
Host name being what you have on the certificate. It may or may not be the same name as your Exchange server - in most cases it is not.
If that is the case, then generate a new internal Exchange certificate, as per my response above - so you have two certificates being used.

Simon.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question