Exchange Certificate Issue

SBS 2008 + Exchange 2007: The server has started logging Event 12014 many times per day since August 21st.

Microsoft Exchange could not find a certificate that contains the domain name mail.ourdomain.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Windows SBS Internet Receive AVATAR with a FQDN parameter of mail.ourdomain.com If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

I cannot see what has changed in order to trigger this. Our SSL certificate has been in place for almost 2 years, but has never contained mail.ourdomain.com It only contains the fqdn remote.ourdomain.com and is configured for IIS and SMTP. I can see that many of the events correspond to emails arriving in the smtp log, but many more emails arrive without triggering the Event being logged.

Can anyone shed any light on this please?
Merlin-EngWorks ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Edward van BiljonMessaging and Collaboration Technical Lead (Exchange MVP)Commented:
Hi

Has your certificate not expired at all?

Can you type the command get-exchangecertificate and advise what you are seeing?
0
Hani AlhabshiSystems EngineerCommented:
Dear

Outlook anywhere or Outlook client show Security Alert or certificate error (wrong Cert)  , you need to read this article before

http://www.shudnow.net/2013/07/26/outlook-certificate-error-and-autodiscover-domain-com-not-working/

Internal Autodiscover and the Service Connection Point
0
Merlin-EngWorks ManagerAuthor Commented:
@Edward Van Biljon: There are no expired certificates in the local computer certificate store. The other certificates have OurServer.OurDomain.local in the subject. So i think they are not relevant to this issue. Get-ExchangeCertificate shows that the SSL Certificate is configured for IIS and SMTP. Does this answer your question?

@Hani Alhabshi: The article you linked deals with Outlook autodiscover. My issue is not related to Outlook at all.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Hani AlhabshiSystems EngineerCommented:
Our SSL certificate has been in place for almost 2 years, but has never contained mail.ourdomain.com It only contains the fqdn remote.ourdomain.com

This comment related ...
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Merlin-EngWorks ManagerAuthor Commented:
@ Hani Alhabashi:

>>Also check FQDN  for Receive / Send connectors  

Yes that was it. The fqdn in the Receive Connector was configured as mail.ourdomain.com. I changed it to remote.ourdomain.com and the 12014 Events stopped being logged. I don't know why this would only become an issue now though. The configuration hasn't changed for years. Thank you for your help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.