Differences

This shows you the differences between two versions of the page.

--- internet:mail:exchange:exchange_ssl [2020/08/25 21:04]
gcooper
+++ internet:mail:exchange:exchange_ssl [2022/04/17 14:08] (current)
gcooper
@@ Line 189: / Line 189: @@
 <file>
-Get-ReceiveConnector "VA-EXCH-01\Client Frontend VA-EXCH-01" | fl
+Get-ReceiveConnector
+Get-ReceiveConnector "VA-EXCH-01\Default Frontend VA-EXCH-01" | fl
 </file>
+Set the correct SSL certificate used by the Default Frontend (SMTP on port 25) connector:
+<file>
+Get-ExchangeCertificate
+$cert = Get-ExchangeCertificate -Thumbprint "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+$cert | fl Thumbprint,Issuer,Subject
+$tls = "<i>$($cert.Issuer)<s>$($cert.Subject)"
+Set-ReceiveConnector "VA-EXCH-01\Default Frontend VA-EXCH-01" -TlsCertificateName $tls
+Get-ReceiveConnector "VA-EXCH-01\Default Frontend VA-EXCH-01" | fl
+</file>
+Test from a Linux host:
+<file>
+openssl s_client -connect exchange.yourdomain.tld:25 -starttls smtp < /dev/null
+</file>
+===== Microsoft Exchange Server Auth Certificate =====
+Read this entire page first: https://byronwright.blogspot.com/2018/05/expired-microsoft-exchange-server-auth.html
+==== Exchange Admin Center ====
+Renew the expired/expiring certificate in EAC:
+**EAC -> Servers -> Certificates**
+:!: You will need to **copy the thumbprint of the new MESAC** to be used in the following EMS commands.
+==== Exchange Management Shell ====
+:!: Substitute your new thumbprint.
+<file>
+Get-AuthConfig
+$thumb = "1DB0B9BC4195B1F5EDFC4CDED5106B9F4069FFF1"
+$date = get-date
+Set-AuthConfig -NewCertificateThumbprint $thumb -NewCertificateEffectiveDate $date
+Set-AuthConfig -PublishCertificate
+Set-AuthConfig -ClearPreviousCertificate
+iisreset
+</file>
+:!: If it is still not working properly, you might try rebooting the server.
 ===== Troubleshooting =====

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools