Situation
Im Ereignislog wurde folgende Meldung angezeigt:
The Federation or Auth certificate 819E7F89AE50C0168768BE37C2332C0F8530F176 has expired. Renew the certificate to ensure proper functionality of Federation Trust or Auth services.
Aktuelle Zertifikate anzeigen:
Get-ChildItem cert:\localmachine\my | ft Thumbprint,Notafter,Subject
Thumbprint NotAfter Subject
---------- -------- -------
E54B3232D2A8B5D187AE4B0DF648DD316B5B1AAD 9/3/2023 8:42:25 AM CN=CLIUSR
C2E300E1F8F72352D8B97EF586FD7E9889F6CEDB 5/10/2032 12:58:35 PM CN=WMSvc-SHA2-VMTA02
9D221FAF5DFA591F3FEA5A609B762591E3C7F0D9 3/6/2024 11:22:00 AM CN=CLIUSR
819E7F89AE50C0168768BE37C2332C0F8530F176 7/9/2023 12:36:53 PM CN=Microsoft Exchange Server Auth Certificate
4BB7646DB77301972EF875EE708E70306E32A072 5/13/2027 1:45:35 PM CN=Exchange
Hier ist zu sehen, dass das Zertifikat 819E7F89AE50C0168768BE37C2332C0F8530F176 7/9/2023 12:36:53 PM CN=Microsoft Exchange Server Auth Certificate abgelaufen ist.
Lösung
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -DomainName @()
Confirm
Overwrite the existing default SMTP certificate?
Current certificate: '4BB7646DB77301972EF875EE708E70306E32A072' (expires 5/13/2027 1:45:35 PM)
Replace it with certificate: '88047F6195DCD6DDC308598079068D4A345E0E51' (expires 7/13/2028 2:04:16 PM)
[Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is "Y"): y
Thumbprint Services Subject
---------- -------- -------
88047F6195DCD6DDC308598079068D4A345E0E51 ....S.. CN=Microsoft Exchange Server Auth Certificate
To view this entry in full, you must be a customer of Securebit AG. You can order any product from our range.
If you are already a customer, you can log in
here.