Forum Discussion
Exchange Hybrid connector validation from o365 to on-prem
We recently setup Exchange Hybrid on Classic mode. Completed without errors.
During setup we ensure that the Transport Certificate is valid and we assigned our 3rd party cert.
We checked on IIS that "Default Front End" certificates are assigned with 3rd party cert.
IIS 'Exchange Back End' is using the private "Exchange Server" certificate.
When checking Exchange online connectors and validating the O365-Onprem connector, it errors with
"450 4.4.317 Cannot connect to remote server [Message=SubjectMismatch Expected Subject: ...... Thumbprint:######"
When troubleshooting and Checking the certificate thumbprint from the error message on the server. Determined that the thumbprint belonged to the private certificate used in the 'Exchange Back End'
Not sure why it's presenting the wrong certificate and not the front-end certificate?
Normal email flow is still working.
Appreciate anyone's feedback.
check what certificate is assingned to that particular connector. TLS Domain specified must match with the remote host.
- Mail flow is secured via the send and receive connectors, so view the cert names with get-sendconnector and get-recieveconnector for the on-prem Exchange and make sure the correct ones are assigned
