I have 5 Exchange 2013 servers: 2 CAS servers and 3 Mailbox servers installed as a DAG. The CAS servers have my UCC certificate. One of the CAS servers has the Microsoft Exchange Server Auth certificate. I am receiving SSL certificate errors from my Mailbox servers stating they cannot find the certificate containing the public name. This certificate is installed on the CAS servers, but the mailbox servers are sending email to the internet. I am also receiving errors that the Microsoft Exchange Server Auth certificate cannot be found on all servers but the CAS server it is installed on.
I am having trouble finding any information on the correct settings in this configuration.
I am wondering if I should export the Microsoft Exchange Server Auth certificate and the UCC certificate and import the certificate into all of the servers.
Does anyone have a configuration like this that they could confirm the SSL requirements on the mailbox and CAS servers? What I have found says the mailbox servers' SSL is all self-signed and should not need to be altered, but that is not what I am seeing.