We run Exchange 2007 on Win 2K3 R2 machines. I recently had some users complaining about not being able to send mail, it appears to be a certificate issue. We use a certiface we got from a 3rd party for OWA (which most of our users use), but I guess the one for SMTP/POP is the self-signed private one. I think our self-signed one has expired. I have never worked with the certificates in exchange before. Hopefully there is a way to use are current 3rd party certificate with the other services, or a way to re-new the self signed one? Any help is appreciated, thanks.
Run the Get-ExchangeCertificate command to verify that the certificate is enabled for the correct services.
you can view the thumbprint of the certificate and Enable the services with the following CMD
Enable-ExchangeCertificate -Services IMAP, POP, UM, IIS, SMTP -thumbprint
Ok, so I added all of the services I wanted to the certificate that we got from a 3rd party and deleted all the other certificates (as they were all expired). The only issue I now have is when people try to use SSL to receive mail with a mail client. It gets the following error message in Thunderbird:
An error occurred during a connection to test.local:995.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)