Apr 20 2023 08:20 AM
I have a newly set up hybrid from an Exchange 2016 single server on premises. The migration of mailboxes has run OK, but mail is not flowing between 365 and on-premise, and before we redirected the MX record it wasn't flowing the other way either.
A few of the symptoms I have are:
450 4.4.317 Cannot connect to remote server [Message=SubjectMismatch] [LastAttemptedServerName=remote.mydomain.com]
The newly purchased GoDaddy certificate clearly has that as a SAN. Specifically, the subject is my.domain.com and the Subject Alternative Names are www.mydomain.com, remote.mydomain.com and autodiscover.mydomain.com, exactly as specified by the MS documentation for hybrid certificates.
Everything seems to state that there's a certificate issue. The server is fully patched and up to date, and root certificate Windows updates aren't blocked. We have rerun the HCW, disabled TLS 1.0 and 1.1, and removed and re-added the certificate. The state is exactly the same.
Apr 20 2023 11:35 AM
The TlsCertName on those connectors: have they been configured, has the certificate recently been renewed, and is there a mismatch between TlsCertName <I>X<S>Y, where X is not the actual issuer any longer or Y mismatches the subject? Sometimes CAs change (intermediate) root certs and you have this phenomenon.
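
The check the reply above describes, as an added example that is not part of either post: it splits a connector's TlsCertificateName value of the form <I>X<S>Y and reports whether the issuer part, the subject part, or both differ from the installed certificate. Test-TlsCertificateName is a hypothetical helper name and every distinguished name below is constructed sample data.

```powershell
# Added example. Test-TlsCertificateName is a hypothetical helper; sample DNs are constructed.
function Test-TlsCertificateName {
    param(
        [Parameter(Mandatory)][string]$TlsCertificateName,  # value stored on the connector
        [Parameter(Mandatory)][string]$Issuer,              # issuer DN of the installed certificate
        [Parameter(Mandatory)][string]$Subject              # subject DN of the installed certificate
    )
    # The connector value has the form <I>issuer DN<S>subject DN.
    if ($TlsCertificateName -notmatch '^<I>(?<issuer>.*?)<S>(?<subject>.*)$') {
        return [pscustomobject]@{ Result = 'Unparseable'; ConnectorIssuer = $null; ConnectorSubject = $null }
    }
    $connIssuer  = $Matches['issuer'].Trim()
    $connSubject = $Matches['subject'].Trim()
    # -eq on strings is case-insensitive in PowerShell.
    $issuerOk  = $connIssuer  -eq $Issuer.Trim()
    $subjectOk = $connSubject -eq $Subject.Trim()
    $result = 'Match'
    if (-not $issuerOk)  { $result = 'IssuerMismatch' }   # the X part is stale
    if (-not $subjectOk) {                                 # the Y part is stale
        $result = if ($issuerOk) { 'SubjectMismatch' } else { 'IssuerAndSubjectMismatch' }
    }
    [pscustomobject]@{ Result = $result; ConnectorIssuer = $connIssuer; ConnectorSubject = $connSubject }
}

# Constructed certificate and connector values (not taken from the thread).
$certIssuer  = 'CN=Example Issuing CA - G2, O=Example CA, C=US'
$certSubject = 'CN=mail.example.com'
$connectors = @(
    @{ Name = 'Outbound (current)';    Tls = '<I>CN=Example Issuing CA - G2, O=Example CA, C=US<S>CN=mail.example.com' }
    @{ Name = 'Outbound (old issuer)'; Tls = '<I>CN=Example Issuing CA - G1, O=Example CA, C=US<S>CN=mail.example.com' }
    @{ Name = 'Inbound (old subject)'; Tls = '<I>CN=Example Issuing CA - G2, O=Example CA, C=US<S>CN=legacy.example.com' }
)
foreach ($c in $connectors) {
    $r = Test-TlsCertificateName -TlsCertificateName $c.Tls -Issuer $certIssuer -Subject $certSubject
    '{0}: {1}' -f $c.Name, $r.Result
}

# Against live objects in the Exchange Management Shell (thumbprint is a placeholder):
#   $cert = Get-ExchangeCertificate -Thumbprint '<THUMBPRINT>'
#   Get-SendConnector | Where-Object TlsCertificateName | ForEach-Object {
#       Test-TlsCertificateName -TlsCertificateName "$($_.TlsCertificateName)" `
#           -Issuer $cert.Issuer -Subject $cert.Subject
#   }
# Get-ReceiveConnector can be piped through the same check.
```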