Exchange 2013 IMAP Cert error.

Michael Cardenzana
Michael Cardenzana used Ask the Experts™
on
ok so I have resolved the issue with my exchange 2013 email server. I am trying to get the IMAP to work but everything checks out except for this.

Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Additional Details
       
Elapsed Time: 323 ms.
       
      Test Steps
       
      The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server mail.fitzpro.com on port 993.
       The Microsoft Connectivity Analyzer wasn't able to obtain the remote SSL certificate.
       
      Additional Details
       
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Elapsed Time: 298 ms.





I have verified that the cert is good because it works with IIS and Active sync, and SMTP.

anyone had any ideas?

Mike-
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hemil AquinoNetwork Security Engineer
Distinguished Expert 2018

Commented:
Yeah, you need to buy a third party certificate bro!
Did you apply your certificate to your IIS and IMAP?
Have you actually selected the certificate to use for IMAP in ECP?
Systems Administrator
Commented:
I know the cert is good because it all worked just fine before and all of the sudden after some windows updates it broke.

After checking the event logs I located the following error message under the Application logs.

EventID: 1011
Source: MSExchangeIMAP4

Description: The IMAP4 server’s Online status has changed to False.

IMAP4 Event log error

After performing some further research I determined that the IMAP Proxy had stopped on the server. To check this perform the following

Open the Exchange Management Console
Run the following command Get-ServerComponentState -identity Servername
You will notice that the IMAPProxy state is set as inactive
Server Component State

 

To resolve this issue you must perform the following

Open the Exchange Management Console
Run the following command Set-ServerComponentState -Identity Servername -State Active -Requester HealthAPI -Component ImapProxy
IMAP should now be working again on the Exchange 2013 server.


after I restarted all the component states all is tested and up and working.

--------------------------------------------------

Testing the SSL certificate to make sure it's valid.
       The certificate passed all validation requirements.
       
      Additional Details
       
      Test Steps
       
      The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server  on port 993.
       The Microsoft Connectivity Analyzer successfully obtained the remote SSL certificate.
       
      Additional Details
      Validating the certificate name.
       The certificate name was validated successfully.
       
      Additional Details
      Certificate trust is being validated.
       The certificate is trusted and all certificates are present in the chain.
       
      Test Steps
      Testing the certificate date to confirm the certificate is valid.
       Date validation passed. The certificate hasn't expired.
       
      Additional Details
      The IMAP service is being tested.
       The IMAP service was tested successfully.
       
      Additional Details
       
Successfully tested the IMAP4 service
Secured: CN=, OU=Domain Control Validated
S: * OK The Microsoft Exchange IMAP4 service is ready.
C: 1 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=PLAIN AUTH=NTLM AUTH=GSSAPI UIDPLUS MOVE ID CHILDREN IDLE NAMESPACE LITERAL+
1 OK CAPABILITY completed.
C: 2 LOGIN servicedesk <password>
S: 2 OK LOGIN completed.
C: 3 LIST "" *
S: * LIST (\HasNoChildren) "/" Calendar
* LIST (\HasChildren) "/" Contacts
* LIST (\HasNoChildren) "/" "Deleted Items"
* LIST (\HasNoChildren) "/" Drafts
* LIST (\Marked \HasNoChildren) "/" INBOX
* LIST (\HasNoChildren) "/" Journal
* LIST (\HasNoChildren) "/" "Junk Email"
* LIST (\HasNoChildren) "/" Notes
* LIST (\HasNoChildren) "/" Outbox
* LIST (\HasNoChildren) "/" Processed
* LIST (\HasNoChildren) "/" "Sent Items"
* LIST (\HasNoChildren) "/" Tasks
3 OK LIST completed.
C: 4 LOGOUT
S: * BYE Microsoft Exchange Server 2013 IMAP4 server signing off.
4 OK LOGOUT completed.
Elapsed Time: 388 ms.
Michael CardenzanaSystems Administrator

Author

Commented:
self resolved with some help from some other sources. my IMAP connection is now working after the steps that I lined out in the last response.

Mike-

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial