Solved

MSExhangeTransport ERror 12014 on Exchange 2010

Posted on 2014-04-02
6
390 Views
Last Modified: 2014-04-23
I recently renewed our SSL cert for our Exchange Server 2010 and everything is working fine. However I have been receiving Error 21014 in the Event Viewer Application Log consistently. When I look up the error on Microsoft's website it shows how to fix this. See Microsofts Event Viewer Details below

Microsoft Exchange could not find a certificate that contains the domain name orsc-email2.orsurety.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Outbound MXLOGIC Mail with a FQDN parameter of orsc-email2.orsurety.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

I verified that the services configured are assigned properly.

I'm not sure if I should run the "Enable-ExchangeCertificate - Services  b/c they are already added. Any help would be appreciated
0
Comment
Question by:donebert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39972744
Does the host name listed appear in your SSL certificate?
If not, have you changed your SEND Connector to match the name that does appear on the SSL certificate?

I see this all the time and the easiest fix is to run

new-exchangecertificate

(no switches or other options).
That will generate a new internal SSL certificate for just TLS/SMTP traffic. When you run that command you will get a prompt about replacing the default SMTP certificate. Accept that and then restart transport.

Simon.
0
 
LVL 25

Expert Comment

by:-MAS
ID: 39972748
Do you have self signed certificate?
If that is creating this error you can ignore easily
0
 
LVL 1

Author Comment

by:donebert
ID: 39972852
MAS - I do have a self signed ssl cert thru godaddy.

Simon - When you say host name your talking about the Exchange server name correct? Because on the cert shows 1 of our External DNS A records.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:donebert
ID: 39972859
When I goto the Personal Certificates It shows the godaddy as well as 2 others. The 2 others being the hostname of the server. When I view those certs it says This CA Root certificate is not trusted. install cert in truested root certification authorities store. Not sure if those need to be there
0
 
LVL 1

Author Comment

by:donebert
ID: 39972864
I look in the cert trusted root authority and I do not see my host name at all
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39973643
Host name being what you have on the certificate. It may or may not be the same name as your Exchange server - in most cases it is not.
If that is the case, then generate a new internal Exchange certificate, as per my response above - so you have two certificates being used.

Simon.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question