Recently taken over support for an educational customer.
SSL cert expired yesterday on exchange 2013 mail running on a 2016 server
Created CSR and obtained new certificate and installed OK
Deleted old certificate and set SMTP, IPAP, POP and IIS services for new certificate in EAC
Now have SSL "Not Secure" errors on both OWA and Outlook - Outlook 2013 fails to connect'
MS Remote connectivity Analyser shows " A certificate chain couldn't be constructed for the certificate."
Using MMC I find there are multiple valid certificates installed on the server
Q1 Does a dedicated Exchange server require multiple SSL certificates?
Q2 Does the "Intended Purposes" of the new certificate need to include "Client Authentication"?
Q3 How do I fix the SSL chain issue?