Forum Discussion
Fwaggle
May 19, 2023Copper Contributor
How to determine what SSL Certificate used between On-Prem and Exchange Online
Hi,
After renewing our SSL Certificate for SMTP this week on our On-Prem Exchange 2019 server, I was reviewing our Send Connector configuration to Exchange Online and no SSL Certificate was defined under the TLSCertificateName attribute. However, the Receive Connector in Exchange Online is configured to only allow mail items signed with TLS with Subject containing our domain. Mail flow is working fine but I am intrigued to find out what certificate is being used if not our CA Certificate.
I should say that the server is not configured for Hybrid.
Any pointers much appreciated.
Thanks in advance.
- Andres-BohrenSteel Contributor
Hi Fwaggle
#Inbound Connector in Exchange Online
Get-InboundConnector -Identity "Inbound from b96bdae2-5722-45d3-b38c-8dca846c63ba" | fl Name, *TLS*,Restrict*
Name : Inbound from b96bdae2-5722-45d3-b38c-8dca846c63ba
RequireTls : True
TlsSenderCertificateName : *.icewolf.ch
RestrictDomainsToIPAddresses : False
RestrictDomainsToCertificate : False#Send Connector on Exchange Server
Get-SendConnector -Identity "Outbound to Office 365 - 138c6133-e050-4107-9421-d1e9abf64b49" | fl name,fqdn,TLS*
Name : Outbound to Office 365 - 138c6133-e050-4107-9421-d1e9abf64b49
Fqdn : mail.icewolf.ch
TlsDomain : mail.protection.outlook.com
TlsAuthLevel : DomainValidation
TlsCertificateName : <I>CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/,
O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US<S>CN=mail.icewolf.chIf no TLSCertificateName is set on Send connector it could be the default SMTP Certificate
Regards
Andres