Exchange 2007 12018 and 12017 Certificate errors

Published 13 March 08 04:19 PM | andym 

This can occur and a handful of these seen for a number of reasons. Some of this depending of the cert is generated from an internalCA or externally.

The Exchange generated certs last one year from creation so we are seeing a few people hitting this around now.  

Obviously the first step should be to run "New-ExchangeCertificate" to renew the nearly expired cert.

(http://technet.microsoft.com/en-us/library/aa998327(EXCHG.80).aspx) and http://technet.microsoft.com/en-us/library/bb851554(EXCHG.80).aspx talk about this in excellent detail with the syntax for doing this.

NOTE:

When running New-ExchangeCertificate you may find that if you are renewing a cert with IIS, POP,IMAP and SMTP that IIS doesnt renew.

To get around this you will need to use the -services switch with New-ExchangeCertificate to add IIS. 

 

Another occurence we have seen of this is if the cert isn't enabled for SMTP.

Doing a "Get-ExchangeCertificate |fl" and look for the relevant Thumbprint referred to in the event. Then if we look at Services we can see if SMTP is in there...

Comments

No Comments
Anonymous comments are disabled

Search

This Blog

Tags

No tags have been created or used yet.

Syndication

Page view tracker