Hi all,
Question: is it possible to use a self signed certificate to migrate via MRS Proxy from Exchange2013 to Exchange2019?
Setup:
- Destination: Exchange 2019 CU10
- Source: Exchange 2013 CU23, self signed certificate
Our customer uses a self signed cert on the existing exchange node 2013 (bad thing i know).
Test-MigrationServerAvailability shows up a problem with the certificate.
Microsoft.Exchange.Migration.MigrationServerConnectionFailedException: The connection to the server 'exchange2013.local.intern' could not be completed. --->
Microsoft.Exchange.MailboxReplicationService.RemotePermanentException: The Mailbox Replication Service could not connect to the remote server because the certificate is invalid. The call to
'https://exchange2013.local.intern/EWS/mrsproxy.svc' failed. Error details: Could not establish trust relationship for the SSL/TLS secure channel with authority 'exchange2013.local.intern'. -->
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. --> The remote certificate is invalid according to the validation procedure.. -->
Could not establish trust relationship for the SSL/TLS secure channel with authority 'exchange2013.local.intern'. --> The underlying connection was closed: Could not establish trust relationship
for the SSL/TLS secure channel.
The customer is using a internal self signed certificate (not from a pki, directly from exchange) for OWA,EWS and other services. That's bad i know. He is also using a internal URL where clients are connecting. ...
Question:
Is there a way to easily go ahead and ignore the ssl error (or skip validation, ...) to be able to
create the endpoint migration point to move the mailboxes over to exchange 2019?
The way forward to get a public trusted official certificate & change the configuration is currently to much effort. I was not able to find a doc.microsoft.com or offical paper where a public certificate for mrs proxy 2013-2019 is required.
thanks for clarification.
