Default certificate for Exchange 2007 no longer valid as old CA removed.. how to fix?
I keep getting this error in the event log: EventID 1037.. MSExchangeTransport.. SMTPReceive.. Inbound direct trust certificate with thumbprint B2A5E7E9C8FAFD936F92335986C8C869A53CF357 has expired. Run New-ExchangeCertificate to generate a new direct trust certificate.

I'm not sure what to do here.. I have an external certificate from GoDaddy working and assigned as well.. but this one is associated with a CA that is no longer there.. Do I just do a new request for the name of this certificate and re-enable it? And if so, for what services.. as there really should only be the wan1.domain.com certificate.

Here are the 3 I have now:

    AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
    CertificateDomains : {wan1.domain.com, www.wan1.domain.com}
    HasPrivateKey      : True
    IsSelfSigned       : False
    Issuer             : SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
    NotAfter           : 11/22/2008 10:55:22 AM
    NotBefore          : 11/20/2007 10:19:13 AM
    PublicKeySize      : 2048
    SerialNumber       : 41C1F2
    Status             : Valid
    Subject            : CN=wan1.domain.com, OU=Domain Control Validated, O=wan1.domain.com
    Thumbprint         : 3B577E861E9FE090B8F9BCE23B3EEC19D466CE98

**This one is invalid now:

    AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
    CertificateDomains : {exchange02.domain.local}
    HasPrivateKey      : True
    IsSelfSigned       : False
    Issuer             : CN=backup01, DC=domain, DC=local
    NotAfter           : 11/3/2008 8:49:26 AM
    NotBefore          : 11/4/2007 8:49:26 AM
    PublicKeySize      : 1024
    SerialNumber       : 1D133224000000000016
    Status             : Unknown
    Subject            : CN=exchange02.domain.local
    Thumbprint         : B2A5E7E9C8FAFD936F92335986C8C869A53CF357

    AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
    CertificateDomains : {exchange02, exchange02.domain.local}
    HasPrivateKey      : True
    IsSelfSigned       : True
    Issuer             : CN=exchange02
    NotAfter           : 9/24/2008 2:47:18 PM
    NotBefore          : 9/24/2007 2:47:18 PM
    PublicKeySize      : 2048
    SerialNumber       : 28A3383569194CBE4E24EA086138AA9E
    Status             : Valid
    Subject            : CN=exchange02
    Thumbprint         : 6FEF0CF608A987C15684138C516F70D8E35E36A7

Thanks
December 14th, 2007 1:29am

The 'default' certificate that Exchange 2007 installs during setup is a self-signed certificate that is not associated with any internal CA. Did you issue a new certificate for client access or other services from your internal CA during initial setup? That would be a different cert. If this is the case, then revisit those steps using the new internal CA, or use a third-party certificate to replace it.
December 16th, 2007 8:02pm

I would try to generate a new request to a CA on your network if you have not purchased a cert for the server. I don't understand how the default certificate would have anything to do with GoDaddy. There has to have been a certificate installed in IIS or through the Exchange shell. One thing that you must do in 2007 is enable the certificate for services through PowerShell. I also think it is cleaner to add the certificate through PowerShell. Here are the commands:

    Import-ExchangeCertificate -Path "C:\..."
    Enable-ExchangeCertificate -Thumbprint [THUMBPRINT] -Services "POP, IMAP, IIS, SMTP"

The thumbprint can be found in the certificate manager by looking at the properties of the certificate. You can also see the thumbprint by running:

    Get-ExchangeCertificate
December 18th, 2007 9:22pm
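
An added example, not from any poster in this thread: a PowerShell function that sorts the objects returned by Get-ExchangeCertificate into expired, status-not-valid, and expiring-soon, using only fields visible in the listing in the question. The function name Get-CertificateTriage, the 30-day window, and the evaluation date are assumptions, and it needs PowerShell 2.0 or later.

```powershell
# Added example. Classifies certificate objects by NotAfter and Status,
# the two fields that differ between the three certificates in the question.
function Get-CertificateTriage {
    param(
        [Parameter(ValueFromPipeline = $true)] $Certificate,
        [datetime] $AsOf = (Get-Date),   # evaluation time, overridable for testing
        [int] $WarnDays = 30             # hypothetical warning window
    )
    process {
        # Whole days until NotAfter; negative means the validity period has ended.
        $daysLeft = [int][math]::Floor(($Certificate.NotAfter - $AsOf).TotalDays)

        if ($daysLeft -lt 0) {
            $finding = 'Expired'
        } elseif ("$($Certificate.Status)" -ne 'Valid') {
            # Inside its validity period but not reported as Valid,
            # as with the certificate issued by the removed CA.
            $finding = 'StatusNotValid'
        } elseif ($daysLeft -le $WarnDays) {
            $finding = 'ExpiringSoon'
        } else {
            $finding = 'OK'
        }

        # Thumbprint is the value Enable-ExchangeCertificate -Thumbprint expects.
        New-Object PSObject -Property @{
            Thumbprint = $Certificate.Thumbprint
            Subject    = $Certificate.Subject
            NotAfter   = $Certificate.NotAfter
            Status     = "$($Certificate.Status)"
            DaysLeft   = $daysLeft
            Finding    = $finding
        }
    }
}

# Sample rows built from the listing in the question (subset of fields),
# with a constructed evaluation date so the result is repeatable offline.
$sample = @(
    New-Object PSObject -Property @{ Subject = 'CN=wan1.domain.com'; Status = 'Valid'; NotAfter = [datetime]'2008-11-22T10:55:22'; Thumbprint = '3B577E861E9FE090B8F9BCE23B3EEC19D466CE98' }
    New-Object PSObject -Property @{ Subject = 'CN=exchange02.domain.local'; Status = 'Unknown'; NotAfter = [datetime]'2008-11-03T08:49:26'; Thumbprint = 'B2A5E7E9C8FAFD936F92335986C8C869A53CF357' }
    New-Object PSObject -Property @{ Subject = 'CN=exchange02'; Status = 'Valid'; NotAfter = [datetime]'2008-09-24T14:47:18'; Thumbprint = '6FEF0CF608A987C15684138C516F70D8E35E36A7' }
)
$sample | Get-CertificateTriage -AsOf ([datetime]'2008-10-01') |
    Format-Table Finding, DaysLeft, Status, Subject, Thumbprint -AutoSize

# On the Exchange server, feed it live objects instead of the sample:
#   Get-ExchangeCertificate | Get-CertificateTriage
```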
