DP230
asked on
SMTP error after renewed Exchange 2016 SSL certificate
Dear Experts, we have Exchange 2016 server on 2012R2 platform. Clients can access mailboxes via outlook (pop/imap/exchange) or OWA. After renewed SSL certificate, our users could not access their mailboxes via pop/imap anymore. Those services are still running on Exchange server.
When we tested the connection on MS outlook, it could login to server successfully but could not send test email, so I think there is something wrong with SMTP and SSL.
We tried to restart pop3/imap services but it did not help. Also tried to assign new SSL to SMTP but could not. Can you suggest?
When we tested the connection on MS outlook, it could login to server successfully but could not send test email, so I think there is something wrong with SMTP and SSL.
We tried to restart pop3/imap services but it did not help. Also tried to assign new SSL to SMTP but could not. Can you suggest?
Tip: You can use SWAKS to test your outgoing SMTP setup on the command line.
Using SWAKS is far easier to debug mail problems, than using a mail client.
Using SWAKS is far easier to debug mail problems, than using a mail client.
If you are using TSL for IMAP and POP you have to configure and update with the new thumbprint.
https://practical365.com/exchange-server/configuring-the-tls-certificate-name-for-exchange-server-receive-connectors/
https://practical365.com/exchange-server/configuring-the-tls-certificate-name-for-exchange-server-receive-connectors/
SMTP != POP/IMAP - no relation at all.
Be sure you keep this in mind debugging your problem.
Said another way, if your POP3s + IMAP4s TLS connections work, this has no relation to any outgoing SMTP conversations.
Be sure you keep this in mind debugging your problem.
Said another way, if your POP3s + IMAP4s TLS connections work, this has no relation to any outgoing SMTP conversations.
ASKER
ASKER
Hi David, when we test the connection on MS Outlook, we could logon the Pop server but failed when sending test email. That's why I am thinking about SMTP error.
Can you suggest?
Can you suggest?
Can you run the Get-ExchangeCertificates command in the EMS and post the results?
Note: Sending test email != POP... has nothing to do with POP. This is 100% pure outgoing SMTP through a relay or local MTA.
Zero to do with your cert upgrade.
You asked, "Can you suggest?"
Yes.
See above. Use SWAKS to test your outgoing SMTP setup.
Zero to do with your cert upgrade.
You asked, "Can you suggest?"
Yes.
See above. Use SWAKS to test your outgoing SMTP setup.
ASKER
Dear, after reconfigured the POP3 and IMAP settings on Exchange server to match the X509 CertificateName of "mail.domain.com" (I don't know why but it was domain.com before), it worked again but only with SMTP setup to Auto or None, NOT TLS as usual.
Here are some screenshots:
Certificates on EMS
Certificates on ECP
Error with SMTP (TLS)
It worked with SMTP (Auto or None)
Here are some screenshots:
Certificates on EMS
Certificates on ECP
Error with SMTP (TLS)
It worked with SMTP (Auto or None)
We have explained the same. I recommend to distribute the points
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
These protocols are completely different so mail reading + sending have no relation.
Check your outgoing SMTP setup to ensure your mail relay setup, or however you send SMTP mail, is correct.