I am running Exchange 2007 on a 64-bit Windows 2008 server. There is only one Exchange server in the organization. Recently, I received error 12015 on the server indicating that the internal cert has expired. I ran get-ExchangeCertificate and got a new one (a least it said I had a new one). Now, I'm stuck. Outlook 2007 clients still say the certificate is expired. Do I need to do something else in this situation? Stu

Ideally you should complete your deployment by purchasing a certificate. The self signed certificate is designed as a place holder and should be switched for a commercial certificate. You can get compatible commercial certificates for less than US$80/year. I have instructions on how to install the certificate here: http://blog.sembee.co.uk/post/Exchange-2007-and-SSL-Certificates-Take-2.aspx Simon.Simon Butler, Exchange MVP. http://blog.sembee.co.uk , http://exbpa.com/

For how to create the certificate CSR https://www.digicert.com/easy-csr/exchange2007.htm Installation steps http://www.digicert.com/ssl-certificate-installation-microsoft-unified-communications.htmJonas Andersson MCTS: Microsoft Exchange Server 2007/2010 | MCITP: EMA 2007/2010 | MCSE/MCSA Blog: http://www.testlabs.se/blog

Hi Stu, To generate a new self-signed certificate, you need to run new-exchangecertificate. To resolve this problem, please try the following steps: Step 1: Delete the expired certificate: a. Run get-exchangecertificate |fl , please note the Thumbprint number of the expired certificate, such as 5113ae0233a72fccb75b1d0198628675333d010e. b. Run remove-exchangecertificate -thumbprint 5113ae0233a72fccb75b1d0198628675333d010e to delete this expired certificate. Step 2: Generate a new exchange certificate new-exchangecertificate If You may get a prompt to overwrite the default SMTP certificate. type A to overwrite it. Step 3: Enable this new certificate for the exchange services: Enable-exchangecertificate -thumbprint <the new certificate you just created> -services:IIS,SMTP,POP,IMAP More information, please refer the following link: http://technet.microsoft.com/en-us/library/aa997231(EXCHG.80).aspxPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Thanks

Hello Stu P, Check the Event Viewer for Event ID 12015,12014 and go through those Event Id & according to that create a Self sign certificate for SMTP service. For example :-- New-ExchangeCertificate -DomainName server.domain.local,mail.domain.com -Services SMTP After creating the Self sign certificate for SMTP service & restart the Transport service. It will help you. EXCHANGE2010, MCSE, MCTS, MCSA MESSAGING, CCNA & GNIIT