SBS 2008 + Exchange 2007: The server has started logging Event 12014 many times per day since August 21st.
Microsoft Exchange could not find a certificate that contains the domain name mail.ourdomain.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Windows SBS Internet Receive AVATAR with a FQDN parameter of mail.ourdomain.com If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
I cannot see what has changed in order to trigger this. Our SSL certificate has been in place for almost 2 years, but has never contained mail.ourdomain.com It only contains the fqdn remote.ourdomain.com and is configured for IIS and SMTP. I can see that many of the events correspond to emails arriving in the smtp log, but many more emails arrive without triggering the Event being logged.
Can anyone shed any light on this please?
Exchange
Last Comment
Merlin-Eng
8/22/2022 - Mon
Edward van Biljon
Hi
Has your certificate not expired at all?
Can you type the command get-exchangecertificate and advise what you are seeing?
Hani M .S. Al-habshi
Dear
Outlook anywhere or Outlook client show Security Alert or certificate error (wrong Cert) , you need to read this article before
Internal Autodiscover and the Service Connection Point
Merlin-Eng
ASKER
@Edward Van Biljon: There are no expired certificates in the local computer certificate store. The other certificates have OurServer.OurDomain.local in the subject. So i think they are not relevant to this issue. Get-ExchangeCertificate shows that the SSL Certificate is configured for IIS and SMTP. Does this answer your question?
@Hani Alhabshi: The article you linked deals with Outlook autodiscover. My issue is not related to Outlook at all.
Yes that was it. The fqdn in the Receive Connector was configured as mail.ourdomain.com. I changed it to remote.ourdomain.com and the 12014 Events stopped being logged. I don't know why this would only become an issue now though. The configuration hasn't changed for years. Thank you for your help.
Has your certificate not expired at all?
Can you type the command get-exchangecertificate and advise what you are seeing?