Principales respuestas
Problemas con Exchange

Pregunta
-
Buenas Gente,
Les cuento que estoy teniendo un evento en mi servidor exchange donde me aparece el siguiente msj:
Yo tengo implementado los certificados auto-firmados del mismo exchange.
Pero nose como resolver este tema.
Me podria ayudar.
------------------------------------------
Microsoft Exchange couldn't find a certificate that contains the domain name mail.netafim.com.ar in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector DesdeInternet with a FQDN parameter of mail.xxxxxx.com.ar. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
For more information, see Help and Support Center atSaludos.
Gaston Dominguezmartes, 24 de mayo de 2011 13:54
Respuestas
-
Revisa este link, http://exchange.sembee.info/2007/install/multiplenamessl.asp donde se explica cómo asignar los certificados a varios servicios, entre otras cosas.
Saludos,
Marc
MCSA/MCSE 2003
MCITP: Enterprise Administrator (Windows Server 2008)
MCITP: Enterprise Messaging Administrator (Microsoft Exchange 2007 & Exchange 2010)
MCC: Microsoft Community Contributor 2011
Citrix CCA- Propuesto como respuesta Ismael Borche miércoles, 25 de mayo de 2011 21:23
- Marcado como respuesta Ismael Borche lunes, 6 de junio de 2011 22:18
miércoles, 25 de mayo de 2011 7:04
Todas las respuestas
-
Si no usas certificados para TLS, no me preocuparía
http://technet.microsoft.com/en-us/library/bb510128(EXCHG.80).aspx
Saludos,
Marc
MCSA/MCSE 2003
MCITP: Enterprise Administrator (Windows Server 2008)
MCITP: Enterprise Messaging Administrator (Microsoft Exchange 2007 & Exchange 2010)
MCC: Microsoft Community Contributor 2011
Citrix CCAmartes, 24 de mayo de 2011 14:18 -
Estaba barbaro pero de todas formas quiero que desaparesca ese evento y quede todo funcioando correctamente.
Est es lo que me arrojan los comandos:
Get-ExchangeCertificate | FL *
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, Syst
em.Security.AccessControl.CryptoKeyAccessRule, System.Se
curity.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {nearbasxxxx, nearbasxxxx.nearba.net}
CertificateRequest :
IisServices : {IIS://nearbasxxxx/W3SVC/1}
IsSelfSigned : True
KeyIdentifier : D774B8FDBEB5C72585B6043BA8E9216F2268935D
RootCAType : None
Services : IMAP, POP, IIS, SMTP
Status : Valid
PrivateKeyExportable : False
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Crypt
ography.Oid, System.Security.Cryptography.Oid, System.Se
curity.Cryptography.Oid}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500Distin
guishedName
NotAfter : 21/05/2012 11:00:11
NotBefore : 21/05/2011 11:00:11
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 3, 27, 48, 130, 2, 3, 160, 3, 2, 1, 2, 2, 16,
1...}
SerialNumber : 0143AA7483E1C1824FE249CECF79D8E9
SubjectName : System.Security.Cryptography.X509Certificates.X500Distin
guishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : 86C9F22C3F840739C0E6F4490842139A519ED5F1
Version : 3
Handle : 469690944
Issuer : CN=nearbasxxxx
Subject : CN=nearbasxxxxAccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, Syst
em.Security.AccessControl.CryptoKeyAccessRule, System.Se
curity.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {nearbasxxxx, nearbasxxxx.nearba.net}
CertificateRequest :
IisServices : {}
IsSelfSigned : True
KeyIdentifier : 938FC8C2109B27728D57EFF8EF3426DC2EE270F9
RootCAType : None
Services : IMAP, POP, SMTP
Status : Valid
PrivateKeyExportable : False
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Crypt
ography.Oid, System.Security.Cryptography.Oid, System.Se
curity.Cryptography.Oid}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500Distin
guishedName
NotAfter : 02/03/2012 13:23:13
NotBefore : 02/03/2011 13:23:13
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 3, 27, 48, 130, 2, 3, 160, 3, 2, 1, 2, 2, 16,
150...}
SerialNumber : 967EC02426FC8986442CC3A77133E122
SubjectName : System.Security.Cryptography.X509Certificates.X500Distin
guishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : 85F9DAB879C5C97762C4E8A6DB980E2075DF1335
Version : 3
Handle : 470472176
Issuer : CN=nearbasxxxx
Subject : CN=nearbasxxxxAccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, Syst
em.Security.AccessControl.CryptoKeyAccessRule, System.Se
curity.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {nearbasxxxx, nearbasxxxx.nearba.net}
CertificateRequest :
IisServices : {}
IsSelfSigned : True
KeyIdentifier : BDBA7B980E5C702D72667C57C647C1F4C22BD2A4
RootCAType : Unknown
Services : IMAP, POP, SMTP
Status : Invalid
PrivateKeyExportable : False
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Crypt
ography.Oid, System.Security.Cryptography.Oid, System.Se
curity.Cryptography.Oid}
FriendlyName : Microsoft Exchange
IssuerName : System.Security.Cryptography.X509Certificates.X500Distin
guishedName
NotAfter : 20/03/2009 13:26:50
NotBefore : 20/03/2008 13:26:50
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 3, 27, 48, 130, 2, 3, 160, 3, 2, 1, 2, 2, 16,
119...}
SerialNumber : 7776AA50FD7167A74E395D7155BDA8ED
SubjectName : System.Security.Cryptography.X509Certificates.X500Distin
guishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : 4237A1598939EFBFB46CE11A6B4CBAFF26D2B6FB
Version : 3
Handle : 470667808
Issuer : CN=nearbasxxxx
Subject : CN=nearbasxxxxGet-ReceiveConnector | FL name, fqdn, objectClass
Name : Default NEARBASxxxx
Fqdn : nearbasxxxx
ObjectClass : {top, msExchSmtpReceiveConnector}Name : Client NEARBASxxxx
Fqdn : nearbasxxxx.nearba.net
ObjectClass : {top, msExchSmtpReceiveConnector}Name : DesdeInternet
Fqdn : mail.xxxxxxx.com.ar
ObjectClass : {top, msExchSmtpReceiveConnector}Name : Relaysxxxx
Fqdn : server.nearba.net
ObjectClass : {top, msExchSmtpReceiveConnector}
Get-SendConnector | FL name, fqdn, objectClassName : SalidaInternet
Fqdn :
ObjectClass : {top, msExchConnector, mailGateway, msExchRoutingSMTPConnector}
Gaston Dominguezmartes, 24 de mayo de 2011 18:15 -
Revisa este link, http://exchange.sembee.info/2007/install/multiplenamessl.asp donde se explica cómo asignar los certificados a varios servicios, entre otras cosas.
Saludos,
Marc
MCSA/MCSE 2003
MCITP: Enterprise Administrator (Windows Server 2008)
MCITP: Enterprise Messaging Administrator (Microsoft Exchange 2007 & Exchange 2010)
MCC: Microsoft Community Contributor 2011
Citrix CCA- Propuesto como respuesta Ismael Borche miércoles, 25 de mayo de 2011 21:23
- Marcado como respuesta Ismael Borche lunes, 6 de junio de 2011 22:18
miércoles, 25 de mayo de 2011 7:04