none
Exchange 2016 - Edge Certificate

    Question

  • Hello,

    I have fresh new Edge 2016, I did Edge Subscription. Everything is ok. But when I check tls https://www.checktls.com/TestReceiver . I can see Warning, cause "Certificate 1 of 2 in chain: Cert VALIDATION ERROR(S): self signed certificate in certificate chain, So email is encrypted but the recipient domain is not verified".

    I changed certificate on Edge Enable-ExchangeCertificate -thubleprint "xxxx" -Service SMTP

    Where is problem? What I need to change aswell?

    Thanks

    Friday, March 23, 2018 2:56 PM

All replies

  • That shouldn't be a problem.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, March 23, 2018 4:03 PM
    Moderator
  • its  said, self sign certificate is used. Can I change it?

    Friday, March 23, 2018 4:05 PM
  • If you have two certificates, the most appropriate one will be used for connectivity to Internet SMTP hosts, so that would be your third-party certificate if you have configured it properly.  The presence of the self-signed certificate should not be a problem.  That is the certificate that will be used for mail between your Exchange servers.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, March 23, 2018 5:06 PM
    Moderator
  • Thanks for reply

    Yes, I configured a third-party certificate service for smtp on the Edge. Should I put this 3rd party cert insert into Receive/send Connectors?

    Friday, March 23, 2018 5:21 PM
  • That should not normally be necessary.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!


    Friday, March 23, 2018 11:33 PM
    Moderator
  • I found, that issuer of the certificate (self-signed cert) is FortiGuard, so the problem is in firewall. Ill check it on monday.

    Friday, March 23, 2018 11:39 PM
  • Glad to hear that you may found the issue, and thanks for your sharing! Will waiting for your updates.

    Nice day!


    Best Regards,
    Jason Chao


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, March 26, 2018 1:55 AM
    Moderator