Oct 10 2020 06:39 AM - edited Oct 10 2020 06:43 AM
We are having issues with our Autodiscover, we only just noticed this issue yesterday, which is when our old SSL cert expired.
After noticing this, I checked IIS on both Hybrid Exchange Servers and noticed the old SSL cert was bound to the web services, changed this to the new cert, restarted the web services, also restarted the server.
But yet no change to the certificate associated with autodiscover!
Our SSL cert was updated 2 weeks ago, via the cert store and running hybrid configuration wizard.
Mail flow seems to be fine, I can see in the smtp send logs that the tls connector is using our new SSL certificate with the correct credentials.
Does anyone have any insight into this?
Oct 11 2020 12:43 PM
Check that article. Despite changing cert with IIS you need to apply it with exchange servers services as well.
Greg
Oct 12 2020 01:15 AM
@SysGreg Thank you, I will take a look at this, check our settings and update you.
Oct 12 2020 07:53 AM
@SysGreg I can confirm that the new SSL cert has been associated to SMTP and IIS. It's visible via Powershell and also in EAC.
Although i have not deleted the old SSL cert yet, I'm guessing its safe to get rid of it now?
Oct 12 2020 11:57 AM
Oct 14 2020 01:29 AM
@ChrisWork Hey, have you talked about this with your firewall guys. Had this case once and it was related to ssl-caching on the central firewall. Had to clear the caches and everything worked as before.
If this is not the case, did you check if the cert is valid? Maybe the URLs for revocation checks can't be reached from the exchange server.
Kind regards