cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Starttls expires in ### day's, but certificate is not any more in the Exchangecertificate store

Pascal Wenders
Brass Contributor

‎Aug 21 2020 05:31 AM

‎Aug 21 2020 05:31 AM

Starttls expires in ### day's, but certificate is not any more in the Exchangecertificate store

Hi,

 

Probably someone can help me.
From one of the MB server in the cluster has within 10 days an expired starttls certificate. But this certificate is from a CA. But the certificate is not in de Exchangecertificate store anymore

So how can I find the right connector where this certificate is connected to and how can I change this certificate.

Message in eventviewer is: The STARTTLS certificate will expire soon: subject: <MB server name>, thumbprint: ####################, expires: 31-8-2020 23:59:59. Run the New-ExchangeCertificate cmdlet to create a new certificate.

Thanks so far

Labels:
3,200 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by Pascal Wenders (Brass Contributor)
Pascal Wenders

‎Aug 23 2020 11:30 PM

‎Aug 23 2020 11:30 PM

Solution

Re: Starttls expires in ### day's, but certificate is not any more in the Exchangecertificate store

I've found the solution

With the command  Get-ReceiveConnector | select-object identity, TlsCertificateName I found the connectors with the certificate.

 

With the commands mentioned at https://practical365.com/exchange-server/configuring-the-tls-certificate-name-for-exchange-server-re... I had changed the certificate

 

The are:

$cert = Get-ExchangeCertificate -Thumbprint #########################
$tlscertificatename = "<i>$($cert.Issuer)<s>$($cert.Subject)"
Set-ReceiveConnector “Name of the receiver connector” -TlsCertificateName $tlscertificatename

 

Issue has been solved

 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Pascal Wenders (Brass Contributor)
Pascal Wenders

‎Aug 23 2020 11:30 PM

‎Aug 23 2020 11:30 PM

Solution

Re: Starttls expires in ### day's, but certificate is not any more in the Exchangecertificate store

I've found the solution

With the command  Get-ReceiveConnector | select-object identity, TlsCertificateName I found the connectors with the certificate.

 

With the commands mentioned at https://practical365.com/exchange-server/configuring-the-tls-certificate-name-for-exchange-server-re... I had changed the certificate

 

The are:

$cert = Get-ExchangeCertificate -Thumbprint #########################
$tlscertificatename = "<i>$($cert.Issuer)<s>$($cert.Subject)"
Set-ReceiveConnector “Name of the receiver connector” -TlsCertificateName $tlscertificatename

 

Issue has been solved

 

View solution in original post

0 Likes
Reply