Exchange 2019 CU 12 Cannot login to ECP after installing new SSL certificate RRS feed

  • 问题

  • Hello everyone,

    Recently on our Exchange 2019 CU12 server, I updated an Auth Certificate, installed a new certificate, and verified that I can access ECP and log in to OWA with the IP addresses of two Exchange servers, and I am using the new certificate. But SLB is used in the environment, and SLB VIP is used to log in and access, when I go to ECP URL to log in, it redirects to OWA URL:


    The following IIS recycling commands have been executed, and it does not work.

    [PS] C:>Restart-WebAppPool "MSExchangeOWAAppPool"

    [PS] C:>Restart-WebAppPool "MSExchangeECPAppPool"

    The strange thing is that after waiting for 8 hours, the SLB VIP access is normal. I think the CU12 version still does not solve the problem of UTC time zone, although there is no phenomenon of "ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1" in the previous version .

    Admin please help, thanks

    2023年2月5日 0:50


  • I found that the https 443 of the IIS Default Web Site certificate of exchange01 and exchange02 is bound to wmsvc-sha2 at the same time, and the slb vip will always be redirected to the login page. If the https 443 wmsvc- of one of the Default Web Site certificates is canceled There is no problem with sha2 certificate binding.
    2023年2月5日 2:03
  • Hi uranus12,

    Kindly note that since this forum only supports posting in Chinese, and since you have created a same thread in Microsoft Q&A forum, please follow up the thread there.

    Thanks for your understanding.

    2023年2月6日 1:33