Microsoft has released security updates for vulnerabilities found in:
Exchange Server 2013
Exchange Server 2016
Exchange Server 2019
These updates are available for the following specific...
Updated Jan 12, 2022
Version 17.0
Blog Post
Hi All,
We have a hybrid setup, 2 on-prem Exchange 2013 CU23 servers in a DAG.
I patched one of the servers this morning but no longer can get into ECP on that server however I can still on the un-patched one.
Getting 2 event IDs appear when failing to login, 1 being ID 1309 for ASP.NET 4.0.30319.0 :
| Event code: 3005 Event message: An unhandled exception has occurred. Event time: 12/11/2021 10:09:05 Event time (UTC): 12/11/2021 10:09:05 Event ID: 5d5aa81e67c448aa8ad3c6ab5d955096 Event sequence: 22 Event occurrence: 3 Event detail code: 0 ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1 at Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String formatString, Object[] parameters) at Microsoft.Exchange.Clients.Common.HmacProvider.GetCertificates() at Microsoft.Exchange.Clients.Common.HmacProvider.GetHmacProvider() at Microsoft.Exchange.Clients.Common.HmacProvider.ComputeHmac |
Event 1003 for MSExchange Front End HTTP Proxy :
[Owa] An internal server error occurred. The unhandled exception was: Microsoft.Exchange.Diagnostics.ExAssertException: ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1
at Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String formatString, Object[] parameters)
We have not changed our certs at all and running the following command on both servers produce the same error about certificate with a specific thumbprint not being found but I can still access ECP on the unaffected server :
Get-ExchangeCertificate (Get-AuthConfig).CurrentCertificateThumbprint
I know usually when logging into ECP the URL remains https://server.domain/ecp/
however I'm failing at https://server.domain/owa/auth/errorFE.aspx?httpCode=500
Can someone help? Cannot patch the remaining server until I can get ECP back on the affected server.