Exchange Administrative Centre shows "Something went wrong"

Using server 2012 R2 with exchange 2013 running in a VM.

The system has been running well for about a few days and I wanted to update the certificates (it had a number of incorrect URLs).

I created a new certificate . .  This appeared to install correctly.
I could still connect using EAC
I then deleted the old certificate.

I cannot now connect using EAC as it trying to use the deleted certificate.

I can use EMS.

Please tell me what to do to resolve this.

Thanks
Brian
Eur0star1Asked:
Who is Participating?
 
IvanConnect With a Mentor System EngineerCommented:
Hi,

did you assign new certificate to services (at least IIS), before deleted old one?
Have you tried to restart IIS service?

Regards,
Ivan.
1
 
Eur0star1Author Commented:
Hi Ivan

Thanks for the quick response

The services assigned were IMAP, POP, SMTP

However,  I've just run IISReset and I can not connect into the .

Thanks
0
 
Todd NelsonSystems EngineerCommented:
Does the default web site in IIS show the new certificate bound to the site for 443?

What errors, if any, are you receiving in the browser?

Supposing you have a mailbox on that server, can you connect to OWA?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Eur0star1Author Commented:
I tried    ..../owa  and it failed giving a 404.

To be honest I am very new to exchange 2013 and have been looking after an sbs 2011 server for a number of years.  We decided to move to a new server 2012 r2 / with vms DC and Exchange.

I cannot get "anywhere access" to complete its configuration and am now cannot get outlook to connect.

So I need help

Do I or can I raise a question to get this assistance . . please
0
 
Eur0star1Author Commented:
Sorry  

I rebooted Exchange server and DC server

I get "this page can't be displayed" on opening EAC

EMS is still usable

IISReset does not help

Thanks
0
 
Eur0star1Author Commented:
Update: I ran Microsoft's Remote Connectivity Analyzer before this problem appeared;

The exchange is now issuing certificates for the vigor router !!

Regards
Brian
0
 
IvanConnect With a Mentor System EngineerCommented:
Hi,

what do you mean by exchange is issuing certificates for router?

Can you enable IIS for that new certificate, via command:
Enable-ExchangeCertificate -Thumbprint 5113ae0233a72fccb75b1d0198628675333d010e -Services IIS

Change Thumbprint with one located on your cert. You can view that in cert details.
Restart IIS after that.

Better yet, run command Get-ExchangeCertificate | fl and post results. You can hide your server/domain name on it.

Regards,
Ivan.
1
 
Eur0star1Author Commented:
Hi

When I looked at the certificate that was being used by the server & PCs the issuer was Vigor.  I suspect this was attached when I was using the Remote Connectivity Analyzer.

Yes,  that fixed the issue - thanks

Now 1 PC from 5 (that I'm working with) is downloading mail + we can send mail

The other 4  are disconnected and try to connect periodically.

Regards
Brian
0
 
IvanSystem EngineerCommented:
Hi,

you can access EAC now? Great :)

As for Outlook, try for test just to create new profile, and see if that works. Should not have anything to do with it, but just to be sure.

Regards,
Ivan.
0
 
Eur0star1Author Commented:
Hi

on trying new profile for user (using "mail" in control panel) get:

Security Alert: first 2 items have green tick and  the third is a cross and reports
    "the name on the security certificate is invalid or does not match the name on the list"
 
together with a windows host process window (rundll32) reporting it has stopped working.

regards
Brian
0
 
Todd NelsonConnect With a Mentor Systems EngineerCommented:
It sounds like the issue with the security alert during the Outlook profile creation has to do with autodiscover. Right?

Run this command from the Exchange management shell to get the value set for the autodiscover service connection point (SCP).  The value should be the same as shown in the alert for your Outlook users.

Get-ExchangeServer | Get-ClientAccessServer | fl Identity, *ternaluri*

Open in new window


If the value doesn't match any of the names in the certificate, an alert will be received.  Therefore, you should change the value to something that is set in your certificate.

Assuming you have autodiscover (i.e. autodiscover.mydomain.com) as one of the names in the cert, update the autodiscover SCP with a command similar to this...

Set-ClientAccessServer -Identity "EXCHANGE1" -AutoDiscoverServiceInternalUri "https://autodiscover.mydomain.com/autodiscover/autodiscover.xml"

Open in new window


Hope this helps.
1
 
Eur0star1Author Commented:
Sorry no different

our certificate has   remote.   www.remote.  (? for some unknown reason !)   mail.  sikorsky. autodiscover.   as hosts in that order.

regards
Brian
0
 
Eur0star1Author Commented:
Hi

having had a short break from this and reassessing the status of the issues:

I revisited the setup of exchange and carefully following TechNet's guide

        https://technet.microsoft.com/en-us/library/jj218640(v=exchg.150).aspx 

having reset all settings mail is now flowing as expected.

There is still a SSL certificate error which is currently being investigated.

I think it would be fair to close this now and many thanks to Ivan and Todd
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.