External email not received with NDR '550 5.4.317 Message expired, cannot connect to remote server(C
Hi all, we are getting some problem from one of the external domain not getting through. there is a NDR to the sender '550 5.4.317 Message expired, cannot connect to remote server(CertificateExpired)' I also run some test using checktls and it also report [001.696] Connection converted to SSL SSLVersion in use: TLSv1_3 Cipher in use: TLS_AES_256_GCM_SHA384 Perfect Forward Secrecy: yes Session Algorithm in use: Curve P-256 DHE(256 bits) Certificate #1 of 3 (sent by MX): EXPIRED Cert VALIDATION ERROR(S): certificate has expired So email is encrypted but the recipient domain is not verified ssl : scheme=smtp cert=94220930177 : identity=mail.domain.com cn=*.domain.com alt=2 *.domain2 domain.com Cert Hostname VERIFIED (mail.domain.com = *.domain.com | DNS:*.domain.com | DNS:domain.com) cert not revoked by OCSP Data: Version: 3 (0x2) Serial Number: 0e:cd:b7:0b:82:c2:46:0b::5c:0b:b4:29:5f:e2 Validity: Not Before: Oct 26 00:00:00 2021 GMT Not After: Nov 26 23:59:59 2022 GMT I have check all exchange server and mail security gateway, all using new ssl certificate. can anyone shed some light on this matter. Thank you all
Exchange 2016 Certificate import problem
We have a wildcard certificate for our organization's external presence. It works with our older Exchange 2010 servers and we had no problem importing and using it on those platforms. However we are migrating to Ex2016 as a stepping stone to Exchange online. When I use the EMS cmdlet: Import-ExchangeCertificate -FileName "C:\temp\star_skld_com.crt" -Password (ConvertTo-SecureString -String 'PASSWORD' -AsPlainText -Force) I get no errors and what looks like a successful import. However when I look at the certificates: Get-ExchangeCertificate | where {$_.Status -eq "Valid"} | Format-List FriendlyName,Subject,CertificateDomains,Thumbprint,NotBefore,NotAfter The new certificate does not show in the list. If I delete the certificate from the Certificate MMC and I import the certificate it still does not show in either EMC nor that same command in EMS. I cannot find anything relating to this problem and how to solve it.
Exchange Hybrid SSL Certificate Question
Hello, Would like to ask reg SSL Certificate for Hybrid. I have Exchange 2013. We have the following domains. Parent domain - domain1.com (No SMTP, Not using as email address) Other domains - domain2.com, domain3.com, domain4.com (Used as email address) Question is, do I need to add domain1.com as part of my SSL Certificate or I just need to use other domains? TIA!
