Hello

we are receiving the following event 12018.......

The STARTTLS certificate will expire soon: subject: remote.domain.com, hours remaining: BB13C8B6855C95ABDB325D7ED3254CAD19723E75. Run the New-ExchangeCertificate cmdlet to create a new certificate. We ran through the steps of creating a new certificate and it expires in 2020.

Why are we continuing to receive this event?

Thank you

• Moved by Jason Johnston [MSFT]Microsoft employee Friday, April 17, 2015 4:27 PM Not a development question.

I have encountered this as well. Once the new certificate is in place, I'll wait to see if everything is working OK for a while (couple weeks) and then delete the old (expired) certificate.

Did you enable the new certificate for use with IIS,SMTP and if applicable IMAP and POP?

It's not enough to request and install a new certificate if Exchange does not realize it is available for use. 

Thanks for you reply David

I have not deleted the old cert. I read somewhere SMTP, IMAP and POP was enabled by default and IIS only required to be enabled? I haven't completed this task either. 

I will enable and wait a week or so then delete the old cert.

Thanks again.

I receive the following when I try to enable...

WARNING: This certificate will not be used for external TLS connections with an
 FQDN of 'servername.domain.local' because the CA-signed certificate with
thumbprint '3FBD98F7CE497D399B4B31246986DF154909B358' takes precedence. The
following connectors match that FQDN: Default META-SBS-01.
WARNING: This certificate will not be used for external TLS connections with an
 FQDN of 'remote.domain.com because the CA-signed certificate
with thumbprint 'BB13C8B6855C95ABDB325D7ED3254CAD19723E75' takes precedence.
The following connectors match that FQDN: Windows SBS Internet Receive

Hi,

The Event 12018 in your original posting indicates that the certificate BB13C8B6855C95ABDB325D7ED3254CAD19723E75 would be expired. You have 2020 hours to renew a certificate by using New-ExchangeCertificate cmdlet.

Please check whether there is any error when you use Exchange service. If the certificate issue still persists, please run the following command to check your Exchange certificate configuration:

Get-ExchangeCertificate | fl

Regards,

There doesn't appear to be any Exchange errors, just this warning. I failed to mention that I did create a new certificate successfully. I would think that that is the active cert being used. I am concerned why I would continue to receive this event log message 12018 regarding the expired cert.

Thank you for you help.

There doesn't appear to be any Exchange errors, just this warning. I failed to mention that I did create a new certificate successfully. I would think that that is the active cert being used. I am concerned why I would continue to receive this event log message 12018 regarding the expired cert.

Thank you for you help.

Hi,

If the new certificate has been created and assigned with proper service, we can remove the expired certificate.

Regards,