Running through the Exchange Server Deployment Assistant for a Hybrid 2007/2013 Configuration there’s a section on assigning services to the certificate. Specifically assigning the certificate to smtp for secure mail transport it says
“If you receive the warning Overwrite the existing default SMTP certificate?, click No.“
Is this advice correct, shouldn’t it actually say ..
“If you receive the warning Overwrite the existing default SMTP certificate?, click Yes”
Actually that's correct. You dont want to overwrite the default cert. The certificate you are using for Hybrid is going to be a 3rd party cert with a subject name that will match the FQDN you have set on the receive and send connector used for SMTP traffic betwwen Office 365 and on-prem. The FQDN matching the cert subject is what binds them together.
The default SMTP cert is the self-generated one in Exchange.
Best Response confirmed by
Ian Moran (Regular Contributor)
Thanks Andy, confirms what I was thinking. Given that we have probably overwritten the default smtp certificate we can just regenerate this with New-ExchangeCertificate on the 2013 server and make it default for SMTP ?