• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 57
  • Last Modified:

Why can't I receive email after renewing my MS Exchange 2007 server SSL certificate?

We renewed the SSL Certificate on our MS Exchange Server 2007.  Users using MS Exchange with MS Outlook 2007/2010 kept working fine.  Users using MS Outlook 2007/2010 with POP3 stopped receiving email.

We were forced to renew the certificate with new hash strength, from SHA1 to SHA2.

1.  We checked our firewall.  No changes made.

The only change was to replace the SSL certificate on the email server.  We verified that POP was assigned as a service to the certificate thumbprint.

Any thoughts?  SHA2 issue???

Luis Mendoza
(Net Admin)
0
Luis Mendoza
Asked:
Luis Mendoza
  • 7
  • 2
  • 2
1 Solution
 
Sudeep SharmaTechnical DesignerCommented:
Which client are you using for POP3 download?

Did you tried Microsoft Remote Connectivity Analyzer for POP3 emails, is that reporting it fine?

Remote Connectivity Analyzer
https://testconnectivity.microsoft.com/

Thanks,
Sudeep
0
 
Dave HoweSoftware and Hardware EngineerCommented:
Could be an schannel version issue - what OS are you running outlook on?
0
 
Luis MendozaAuthor Commented:
Sudeep,
  We are using MS Outlook 2007/2010 to download email.  We use webmail as well which works fine.  We are trying the analyzer now.

Any other ideas are welcome.  thanks,

Luis
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Luis MendozaAuthor Commented:
Dave,
  We are running MS Windows 7 32/64 bit, Pro and Ultimate.

thanks
Luis
0
 
Dave HoweSoftware and Hardware EngineerCommented:
That should be fine then. Win7/8 Schannel supports the newer protocol suites.
I would normally try wireshark next - capture an attempted login and see if there are any issues setting up TLS.
0
 
Sudeep SharmaTechnical DesignerCommented:
Give a other email client like Thuderbird a try if that connects, so that we know that the issue is related to Outlook and not Exchange.

Thanks,
Sudeep
0
 
Luis MendozaAuthor Commented:
1.  Will try Wireshark and see what it can tell us

2.  Will look into Thunderbird as well


thanks!
Luis
0
 
Luis MendozaAuthor Commented:
By the way we are getting a general error on MS Outlook but here it is:

"Task "username" - Receiving' reported error (0x800CCC0F) : 'The connection to the server was interrupted.  If this problem continues, contact your server administrator or Internet service provider (ISP).'
0
 
Luis MendozaAuthor Commented:
We resolved the issue of not passing POP by by creating a new SSL certificate request, resubmitting to the CA/certificate provider, and then re-importing the certificate into the mail server (also, assigned all the services that we wanted the certificate to support.).

This seem to have been a corrupted certificate.  However, we now have an issue with passing secure POP.  It does not seem to support passing secure POP.
0
 
Luis MendozaAuthor Commented:
No objections
0
 
Luis MendozaAuthor Commented:
This resolved not being able to pass standard POP email, however did not allow us to pass encrypted email.  I am posting a separate question for that issue.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now