Exchange 2010 | EventID 12014 Microsoft Exchange could not find a certificate that contains the domain name XCH01..local in the personal store on the local computer

When you recieve the following error in your eventlog on your Exchange 2010 server

Log Name: Application
 Source: MSExchangeTransport
 Date: 4-10-2013 7:45:15
 Event ID: 12014
 Task Category: TransportService
 Level: Error
 Keywords: Classic
 User: N/A
 Computer: XCH01.<servername>.local
 Description:
 Microsoft Exchange could not find a certificate that contains the domain name XCH01.<servername>.local 
 in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb 
 for the connector Default XCH01 with a FQDN parameter of XCH01.<servername>.local. If the connector's 
 FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed 
 certificates to make sure that there is a certificate with a domain name for that FQDN. If this 
 certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the 
 Microsoft Exchange Transport service has access to the certificate key.
 Event Xml:
 <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System>
 <Provider Name="MSExchangeTransport" />
 <EventID Qualifiers="49156">12014</EventID>
 <Level>2</Level>
 <Task>12</Task>
 <Keywords>0x80000000000000</Keywords>
 <TimeCreated SystemTime="2013-10-04T05:45:15.000000000Z" />
 <EventRecordID>1053554</EventRecordID>
 <Channel>Application</Channel>
 <Computer>XCH01.<servername>.local</Computer>
 <Security />
 </System>
 <EventData>
 <Data>XCH01.<servername>.local</Data>
 <Data>Default XCH01</Data>
 </EventData>
 </Event>

Open powershel for Exchange
Enter command Get-ExchangeCertificate |FL to see if there is a certificate. You can see this also in the Exchange Console (EMC)

enter the command Get-ReceiveConnector | FL name, fqdn, objectclass
You see there is a local FQDN.

You need to enter New-ExchangeCertificate. You get a message to overwrite the current default SMTP certificate.
you have to CLICK NO.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s