Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How create a new certificate by using the New-ExchangeCertificate task.

Posted on 2014-12-15
7
Medium Priority
?
2,153 Views
Last Modified: 2014-12-17
When users open Outlook they get a “Microsoft Outlook” dialog box pop up.
**********************
Allow this website to configure (users email address) server settings
https://remote.domainname.com/autodiscover/autodiscovery.xml

Your account was redirected to this website for settings
You should only allow settings from sources you know and trust

Allow or Cancel
*********************
Another dialog box pops up called “Security Alert”
The Security certificate has expired or is not yet valid


The server is reporting:
There is no valid SMTP Transport Layer Security (TLS) certificate for the FQDN of remote.nardonepridgeon.com. The existing certificate for that FQDN has expired. The continued use of that FQDN will cause mail flow problems. A new certificate that contains the FQDN of remote.nardonepridgeon.com should be installed on this server as soon as possible. You can create a new certificate by using the New-ExchangeCertificate task.

ISSUE:
When I try to create a new certificate using the "Exchange Management Shell", I get constant "Access Denied"
Basically I must be doing something wrong. Any help would be appreciated
0
Comment
Question by:agieryic
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 
LVL 22

Accepted Solution

by:
David Atkin earned 2000 total points
ID: 40500812
Hello,

Are you trying to use a self signed or trusted certificate?

If you have SBS 2008, open the SBS Console> Network Tab> Connectivity sub tab

Run the Fix My Network Wizard on the right hand side.  This should repair the certificate error for you.
1
 
LVL 1

Author Comment

by:agieryic
ID: 40500813
I found this article on EE but it was blank
ID: 27205026  

tried following this article but was not able to resolve the issue
http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx
0
 
LVL 1

Author Comment

by:agieryic
ID: 40500915
Yes,  I am trying to renew the certificate that was created in SBS2008
I did see where the certificate did expire on 12/13/2014 - 2 days ago
0
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

 
LVL 1

Author Comment

by:agieryic
ID: 40500922
I did run the "Fix My Network" and it saw that the certificate had expired. It said that it renewed. Do I need to restart the Exchange services - or at least the "Transport" service.
0
 
LVL 1

Author Comment

by:agieryic
ID: 40500952
I opened a users Outlook and it came up with no certificate errors. I had no idea how easy the fix was you provided.
Everything I read dealt with Shell Commands - which kept coming back with "Access Denied" errors

I probably did not need to do so, but I restarted the server just to make sure all is clean

Is there a way to renew the certificate before it expires? I have 2 more SBS2008 servers
I am looking into getting a 3rd party certificate.
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 40502072
Hello,

No need to restart any of the exchange services - The fix my network should be the only thing needed for local users.  If you have some remote users you may have to install the certificate manually on them though.

You can replace a self signed certificate with a Trusted 3rd party certificate at any time, just re-run the 'Add a Trusted Certificate Wizard'. There isn't much point in renewing a self signed certificate until it has expired really.  Just make a note on your calendar to do this.
0
 
LVL 1

Author Comment

by:agieryic
ID: 40504642
Much appreciated
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you looking for the options available for exporting EDB files to PST? You may be confused as they are different in different Exchange versions. Here, I will discuss some options available.
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question