I had this question after viewing SBS2011 - Expired Certificates - MSExchange Web Services Event ID 24
My issue is that I get this error message in my daily reports:
MSExchange Web Services 24 08/03/2017 14:48:27 42
The Exchange certificate [Subject] CN=Graham Sivill, OU=SBSUsers, OU=Users, OU=MyBusiness, DC=direct-ifc, DC=local [Issuer] CN=direct-ifc-DIRECTSERVER
-CA [Serial Number] 23ABEFA6000100000012 [Not Before] 23/06/2014 11:23:58 [Not After] 23/06/2015 11:23:58 [Thumbprint] 00BC42E5C2B89AF7905F4F1DD6
2EBE expired on 23/06/2015 11:23:58.
So reading up the fix for this error I ran this EMS command:
-Server DirectServer -Thumbprint 00BC42E5C2B89AF7905F4F1DD6
This gets the response:
Are you sure you want to perform this action?
Remove certificate with thumbprint 00BC42E5C2B89AF7905F4F1DD6
2EBE from the computer's certificate store?
[Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is "Y"): y
The certificate with thumbprint 00BC42E5C2B89AF7905F4F1DD6
2EBE was found but is not valid for use with Exchange Server (reason: PkixKpServerAuthNotFoundIn
+ CategoryInfo : NotSpecified: (:) [Remove-ExchangeCertificat
+ FullyQualifiedErrorId : 7884D31B,Microsoft.Exchang
The certificate is listed in my revoked certificates. How can I stop this message coming up, is there a way to delete the certificate permanently from the revoked certificates in the Certification Authority? If I right-click the certificate in the Certification Authority the only Tasks are:
Export Binary Data
All of which seem irrelevant?
Any help with this would be appreciated.