How to Remove an SSL Certificate from Exchange Server 2. Victor asks: I assigned a new SSL cert to the SMTP service on my Exchange 2. However, the old cert is still bound to the SMTP service and I can’t uncheck the box. Do I need to reboot the server or can I just restart the SMTP service to unbind it? Certificates bound to SMTP are a little different than other services on an Exchange server. If you bind a certificate to IIS for example, it removes the binding for any previous certificate, and becomes the only certificate bound to that service. However with SMTP you can have multiple SSL certificates bound to the service. Here's an example. PS] C: \> Get- Exchange. Microsoft has released Service Pack 3 for Exchange Server 2010. This is a significant release that delivers some key functionality to customers such as support for. How to unbind an SSL certificate from a service in Exchange Server 2013 and remove the certificate from the server. · Thanks. We have 4 Exchange 2007 locations/"sites". I wonder if we should configure the web-based OAB to be available from each of the 4 CAS servers.or. ![]() Certificate | select thumbprint,services,notafter,subject,certificatedomains | where {$_. Services - . match "SMTP"} | fl. Thumbprint : 2. D7. 5A8. C5. BA4. DF1. 6D5. EF5. 77. DE4. 56. 31. 14. D1. Services : IMAP, POP, IIS, SMTP. Not. After : 1. PM. Subject : CN=mail. OU=IT Department, O=Lock. LAN Systems Pty Ltd, L=Hemmant, S=Qld, C=AU. Certificate. Domains : {mail. Auto. Discover. exchangeserverpro. Thumbprint : E7. A3. DB2. 9AA4. EA6. B2. C2. 7D7. 8CE0. EBDB1. C7. 00. 5. Services : SMTP. Not. After : 1. PM. Subject : CN=EX2. SRV1. Certificate. Domains : {EX2. 01. SRV1, EX2. 01. 3SRV1. Thumbprint : 5. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. E. Services : SMTP. Not. After : 2. PM. Subject : CN=EX2. SRV1. Certificate. Domains : {EX2. 01. SRV1, EX2. 01. 3SRV1. PS]C: \> Get- Exchange. Certificate|select thumbprint,services,notafter,subject,certificatedomains|where{$_. Services- match"SMTP"}|fl. Thumbprint : 2. D7. 5A8. C5. BA4. DF1. 6D5. EF5. 77. DE4. 56. 31. 14. D1. Services : IMAP,POP,IIS,SMTPNot. After : 1. PMSubject : CN=mail. OU=IT Department,O=Lock. LAN Systems Pty Ltd,L=Hemmant,S=Qld,C=AUCertificate. Domains: {mail. exchangeserverpro. Auto. Discover. exchangeserverpro. Thumbprint : E7. A3. DB2. 9AA4. EA6. B2. C2. 7D7. 8CE0. EBDB1. C7. 00. 5Services : SMTPNot. After : 1. PMSubject : CN=EX2. SRV1. Certificate. Domains: {EX2. 01. SRV1,EX2. 01. 3SRV1. Thumbprint : 5. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. EServices : SMTPNot.After : 2.PMSubject : CN=EX2. . SRV1. Certificate. Domains: {EX2. 01. SRV1,EX2. 01. 3SRV1. As you can see I've got my SAN certificate bound to IMAP, POP, IIS, and SMTP. But then I've also got two additional certificates bound to SMTP. These are self- signed certificates created by Exchange setup. Why do I have two? It's possible I've reinstalled this server at some stage, or manually created one of them. Regardless, you can see that multiple certificates are bound to SMTP, which is the point I'm making. Anyway, let's say for some reason we want to remove one of those self- signed certificates, or at the very least unbind it from SMTP. To bind a certificate to a service we use Enable- Exchange. Certificate, however there is no corresponding Disable- Exchange. Certificate cmdlet. As Victor points out, trying to do it via the Exchange Admin Center is impossible – the tick box is greyed out. However we still have a Power. Shell solution to the problem. If you look closely at the documentation for Enable- Exchange. Certificate you can see that the - Services parameter accepts a value of “None”. So this command will set the certificate with a thumbprint of “5. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. E” to be bound to no services on the server. PS] C: \> Enable- Exchange. Certificate - Services None - Thumbprint 5. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. E1[PS]C: \> Enable- Exchange. Certificate- Services None- Thumbprint. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. EIf you want to remove the certificate from the server entirely use Remove- Exchange. Certificate. However, don't do this until you're 1. I have seen customers who delete a certificate only to later realise that the server was still using that certificate for something. PS] C: \> Remove- Exchange. Certificate - Thumbprint 5. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. E. Are you sure you want to perform this action? Remove certificate with thumbprint 5. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. E from the computer's certificate store? Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is "Y"): y[PS]C: \> Remove- Exchange. Certificate- Thumbprint. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. EConfirm. Are you sure you want toperform thisaction? Remove certificate with thumbprint. C5. E9. 12. 4B0. 96. BBFB5. 70. 59. 6AAE6. D9. 53. 61. Efrom the computer'scertificate store?[Y]Yes [A]Yes to. All [N]No [L]No to. All [?]Help(defaultis"Y"): y. Exchange 2. 01. 0/Outlook 2. GAL error (0x. 80. I am receiving the following errors on a few machines (all running XP & Outlook 2. Task 'Microsoft Exchange' reported error (0x. The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action.' ""Microsoft Office Outlook cannot download your offline address book. The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action."Points of note: 1.) This happens when I go to Send/Receive- > Download Address Book - > OK2.) This also happens to one user when trying to schedule a meeting (sending the request). After rebuilding one Outlook profile, the address book updated the first time (we could see one additional contact that wasn't there before the rebuild), but the error still reoccurred after the initial rebuild. One of my users CAN NOT work in cached mode because it will not download new information from the Exchange server. It will say "This folder was last updated on (date)(time)." However when I take the user out of cached mode, Outlook functions normally. This is also the SAME user that I did the Outlook Profile rebuild on. I feel that all the issues are related to some kind of common connection problem between the users' Outlook and the Exchange server. Please let me know if additional information will be useful in resolving this issue.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2017
Categories |