Exchange 2010 Default Connector Self-signed Cert missing

Exchange 2010 with latest updates as of two months ago from this post.

Getting the following error in the event log:

Microsoft Exchange could not find a certificate that contains the domain exchange2010.mydomain.local in the personal store on the local computer.  Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default EXCHANGE2010 with a FQDN parameter of exchange2010.mydomain.local.  If the connector's FQDN is not specified, the computers FQDN is used.  Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN.  If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

Upon further investigation, it appears a previous "consultant" deleted the default self-signed cert that Exchange 2010 sets up during install.  We do have a GoDaddy cert for mail.mydomain.com, but the self-signed cert for exchange2010.mydomain.local is missing.

How do we get this cert back in place or how do we use the GoDaddy cert instead or is there another better way to solve this issue?

James
JamesNTAsked:

viktor grantExchange ServersCommented:
Hi James,

If you want to create an Exchange self-signed certificate, you need to run the following command:

New-ExchangeCertificate

You will be prompted to accept, and afterwards asked whether you want to use it for the SMTP service.

This error is very common but you can ignore it. Have you noticed any errors in transport?

Cheers
Viktor
0
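
An added example, not part of the original thread: a check, run in the Exchange Management Shell on the transport server, of whether each receive connector's FQDN is covered by a valid certificate enabled for SMTP, which is the condition the event log message describes. The commented-out `New-ExchangeCertificate` call uses the host name from the question as an assumed value.

```powershell
# Added example; run in the Exchange Management Shell on the transport server.
# Local FQDN, used when a connector has no Fqdn set (as the event text states).
$localFqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName

# Certificates in the local personal store, with the fields that matter here.
$certs = @(Get-ExchangeCertificate)
$certs | Format-List Thumbprint, Subject, CertificateDomains, Services, NotAfter, Status

foreach ($connector in Get-ReceiveConnector) {
    $fqdn = "$($connector.Fqdn)"
    if (-not $fqdn) { $fqdn = $localFqdn }

    # A usable certificate lists the FQDN, is valid, and is enabled for SMTP.
    # Exact-name match only: a wildcard entry is not treated as covering it.
    $match = @($certs | Where-Object {
        $domains = @($_.CertificateDomains | ForEach-Object { "$_" })
        ($domains -contains $fqdn) -and
        ("$($_.Status)" -eq 'Valid') -and
        ("$($_.Services)" -match 'SMTP')
    })

    if ($match.Count -gt 0) {
        "{0}: OK, {1} covers {2}" -f $connector.Identity, $match[0].Thumbprint, $fqdn
    } else {
        "{0}: no valid SMTP certificate for {1}" -f $connector.Identity, $fqdn
    }
}

# To create a replacement self-signed certificate for a missing name, uncomment
# the lines below. The names are the ones from the question; adjust to your server.
# New-ExchangeCertificate -SubjectName 'CN=exchange2010' `
#     -DomainName 'exchange2010', 'exchange2010.mydomain.local' -Services SMTP
```

A connector reported as having no valid SMTP certificate is one that will log the STARTTLS event quoted in the question.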

JamesNTAuthor Commented:
Mail flow has stopped.  This was the first thing I found wrong.  Will this error stop mail flow?

James
0
viktor grantExchange ServersCommented:
Hi James,

No, normally it should not.

Are the databases mounted?

Get-MailboxDatabaseCopyStatus *

Cheers
Viktor
0
JamesNTAuthor Commented:
Yes, databases are mounted.  And the Exchange 2010 Management Console comes up with no problems.

Side note:  That's one thing I miss about future versions of Exchange (2013 and higher).  In 2010, if the console came up there was an excellent chance your server was doing OK.

I just ran the best practices analyzer.  Here are the only errors it shows:

exchangeerror1.JPG
exchangeerror2.JPG
0
viktor grantExchange ServersCommented:
Hi James,

So you can create an Exchange self-signed certificate; you need to run the following command:

New-ExchangeCertificate

You will be prompted to accept, and afterwards asked whether you want to use it for the SMTP service.

Cheers
Viktor
0
JamesNTAuthor Commented:
Done.   However, the two errors shown in the screenshots above persist.  What is our next step?

James
0
viktor grantExchange ServersCommented:
Hi James,

Check that the services are running correctly:

Test-ServiceHealth

and restart the transport service.

Cheers
0
JamesNTAuthor Commented:
The error mentioned in my original question no longer shows in the event log (I cleared the logs).  Just have to figure out the SAN mismatch in the screenshots I showed which still persist even after restarting transport service.

James
0
viktor grantExchange ServersCommented:
Hi James,

Ok perfect. The mail flow is stopped now?
0
JamesNTAuthor Commented:
Mail flow still not working, but I think it's because we have other problems that you or I can do nothing about.  DNS records are correct.  It appears ZoneEdit having issues.  :(


mxtoolbox.JPG
Thank you for your help in resolving the other issue.

James
0
JamesNTAuthor Commented:
Thank you for your help.
0
viktor grantExchange ServersCommented:
Perfect that the other issue is solved

You need to configure this last step.
0
JamesNTAuthor Commented:
The last step, the DNS and MX setup and ZoneEdit has been configured for years.  It appears ZoneEdit is having issues.  All we can do is wait.

James
0