Description: An internal transport certificate will expire soon


We are running Microsoft Exchange 2016 with the current CU.

We have recently been seeing an Event under Application Log as follows:

Application Log generated Error Event 12017
Description: An internal transport certificate will expire soon.
Thumbprint: C65....A42, expires: 6/25/2018 3:23:37 PM.

I've looked at the certificates, but nothing is set to expire that day.  Where can I find where this is stemming from?

Thanks in advance.

Who is Participating?
timgreen7077Exchange EngineerCommented:
run the following in the exchange shell and see if it can show you the correct cert:

Get-ExchangeCertificate -Thumbprint "thumb print ID" | fl
David Johnson, CD, MVPOwnerCommented:
To resolve this warning, you must use the New-ExchangeCertificate cmdlet to create a new internal transport certificate (also referred to as a direct trust certificate) on the computer that returned this Warning event. Running the New-ExchangeCertificate cmdlet with no arguments creates an SMTP-enabled internal transport certificate for direct trust. For more information, see New-ExchangeCertificate.

If this warning occurred on a Hub Transport server, you must create the internal transport certificate on the Hub Transport server where the warning occurred. After you have created the certificate, restart the Microsoft Exchange EdgeSync service to update the certificate information on the Edge Transport servers that are subscribed to the organization.
Vidit BhardwajAdminCommented:
You can also check the same in personal certificate store of machine.

run ->MMC> certificates>Computer Account> Personal Store> look for the cert with the same thumbprint and remove it
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.