O-Xchange Notes from the Field!

Thursday, October 1, 2009

create or renew self-signed certificate on Exchange server 2007

After creating a new hub transport server(or any exchange 2007 server), a new self-signed certificate with the server name is created
 
THis cert can be used to establish TLS connections. However, if service TLS setting advertises with a different FQDN, the domain name must be included during certificate creation in exchange
 
for eg, to create a certificate for SMTP services using 2 domain names, use the following command
 
get-exchangecertificate | New-ExchangeCertificate -DomainName "servername", "publicname" -FriendlyName MSExchange

the certificate will be created with multi-domain names. In this case, server name and the public name
this resolves event 12014 on a hub transport server

No comments:

Post a Comment