Announcement

Collapse
No announcement yet.

Internal certificate

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Internal certificate

    Hi all!

    My Exchange 2007 started to complain about certificate expiration...
    What to do in such case? Will transport of mail stop working?


    Event Type: Warning
    Event Source: MSExchangeTransport
    Event Category: TransportService
    Event ID: 12017
    Date: 27.6.2008
    Time: 8:22:42
    User: N/A
    Computer: EXCHANGE
    Description:
    An internal transport certificate will expire soon. Thumbprint:AFA640B783023D88F5B50EBD3CF85EB1DD6459B 9, hours remaining: 338

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


    Thanks!

  • #2
    Re: Internal certificate

    It means you need to renew you certificate. Buy another from the people you got your first one from.

    Run
    Code:
    get-exchangecertificate
    in Powershell and you should see the thumbprint "AFA640B783023D88F5B50EBD3CF85EB1DD6459B" is assigned to certain letters (like S for SMTP).
    Copy the cert to the root of the server in question then run

    Code:
    Import-ExchangeCertificate -Path c:\certname.pfx -Password:(Get-Credential).password
    This should popup a box asking for the password and then install it into the local computer account (I think) on the machine.
    You can then use
    Code:
    get-exchangecertificate
    to show the new thumbprint
    and then
    Code:
    enable-exchangecertificate -thumbprint AAABBBAAABBBAAA -Services IIS,SMTP
    or whatever services it was running before.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: Internal certificate

      Hi!

      This is internal certificate, we did not bought it... We made it...

      Another log is:

      Event Type: Warning
      Event Source: MSExchangeTransport
      Event Category: TransportService
      Event ID: 12018
      Date: 27.6.2008
      Time: 12:56:45
      User: N/A
      Computer: EXCHANGE
      Description:
      The STARTTLS certificate will expire soon: subject: exchange.company.local, hours remaining: AFA640B783023D88F5B50EBD3CF85EB1DD6459B9. Run the New-ExchangeCertificate cmdlet to create a new certificate.

      For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


      This (New-ExchangeCertificate cmdlet) should solve my problem?

      It is used for S, SMTP service...

      Comment


      • #4
        Re: Internal certificate

        Have a read of this:

        http://technet.microsoft.com/en-gb/l.../aa998840.aspx
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: Internal certificate

          Basically we do not use any of SSL/TLS methods, only for IIS/OWA (I will renew cert there when will expire)...

          So basically, I will just left cert as it is and see what happens...
          It should work normally...

          Comment


          • #6
            Re: Internal certificate

            I`ve created only cert for IIS to use it with OWA and did not crate ANY other certs...

            Comment


            • #7
              Re: Internal certificate

              A cert is created automatically on installation of Exchange 07. It is easy to replace using the new-exchangecertificate cmdlet though.
              cheers
              Andy

              Please read this before you post:


              Quis custodiet ipsos custodes?

              Comment


              • #8
                Re: Internal certificate

                Thank you!

                I taught so!

                Comment

                Working...
                X