When I try to remove an expired SSL certificate from my 2 Exchange 2013 servers (in a 2 node DAG), I get the following error: "A special RPC error occurs on server xxxxx: The internal transport certificate cannot be removed because that would cause the Microsoft Exchange Transport service to stop. To replace the internal transport certificate, create a new certificate. The new certificate will automatically become the internal transport certificate. You can then remove the existing certificate."
There are currently 5 certificates on each server:
1) Digicert SSL Cert with IMAP, POP, IIS, SMTP
2) Digicert SSL Cert with IMAP, POP, SMTP (expired)
3) Microsoft Exchange with SMTP
4) Microsoft Exchange Server Auth Certificate with SMTP
5) WMSVC with no services
How can I get rid of the expired Digicert SSL Certificate?