Solved

"The certificate is invalid for exchange server use" error message on previously working certificate

Posted on 2016-10-13
4
51 Views
Last Modified: 2016-10-24
Hi experts

This error has just appeared.

This certificate was working absolutely fine and has been for about a month or so. All of a sudden a customer called in saying that the certificate was being rejected(? I've gotten this message about 3rd hand so don't know exactly what it said I'm afraid) and looked on the exchange console and was met with a big red X. I've re-imported the certificate trusted authority to the correct place.

Just puzzle how to fix as it hasn't expired and was working fine a day ago.
0
Comment
Question by:unrealone1
  • 2
4 Comments
 
LVL 16

Assisted Solution

by:Ivan
Ivan earned 250 total points
ID: 41842055
Hi,

are there any intermediate certificates that you need to import? If you go to OWA or ECP, and click on certificate, can you follow entire path of cert?

Regards,
Ivan.
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 250 total points
ID: 41849943
most likely the minimum cyphers requirements are not met. this may happen after a windows update. it is also possible that a network change causes this : exchange may check the certificate against the authority upon startup so if the corresponding flow is closed or other network issues such as a faulty dns arise, exchange might not want to use the certificate. there should be an explicit message in the application log
0
 
LVL 1

Author Comment

by:unrealone1
ID: 41856734
hi all.

i was out of the office all last week and just now on my return found out it's all working.

the person that fixed it isn't here so i can't share the knowledge I'm afraid
0
 
LVL 26

Expert Comment

by:skullnobrains
ID: 41856995
feel free to share later on, it may help a number of other people.

when you solve your problem yourself, you may accept your own comment which won't cost you any points

when your problem is not solved, and no comments actually helped, you may delete the question

best regards
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
powershell add exchange property to a report 12 52
Exchange 2013 - Script needed 7 36
Outlook 2013 License Question 8 28
SSL Certificate for IIS7 Site 2 21
We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question