Exchange 2013 multiple certificates assigned to SMTP
Posted on 2016-11-09
I have a GoDaddy SAN cert for my Exchange 2013 servers with a number of Subject Alternative Names. I installed this cert and assigned it to use it for IMAP, POP, SMTP, and IIS. It is the certificate assigned in bindings to the Default Web Site.
All my Exchange 2013 servers are multi-role with the Mailbox and FrontEnd functions covered on the each server.
My issue is that I have two additional certificates, "Microsoft Exchange Server Auth Certificate" assigned to SMTP, and "Microsoft Exchange" assigned to SMTP and IIS. When I attempt to edit the services assigned to either of these latter two certs, I find the SMTP option checked but grayed out so that I cannot uncheck it.
I'm see issues where some SMTP requests are picking up these self-signed certs and breaking some scanners, printers, and send-as options for Gmail users.
Is this the way this is supposed to work? It seems amiss but i'm not sure how best to resolve. Any help greatly appreciated.