I get the following error in myWindows 2003 Server 64 bitApplication event viewer logs concerning Exchange 2007: Source- MSExchangeTransport Category- SmtpReceive Event ID: 1037 Description: Inbound direct trust certificate with thumbprint E610AA2B1BA8AE299F85903CE776CA8AD3A0CF84 has expired. Run New-ExchangeCertificate to generate a new direct trust certificate.When I run Get-Exchange Certificates on Exchange this is what I get below. The thumbprint mentioned in the error is valid according to the output below. Not sure what all the other certificates are for. Any help will be appeciated. Thanks. [PS] C:\Documents and Settings\burnettj>Get-ExchangeCertificate | fl AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Mail.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Exchange ServerNotAfter : 8/19/2010 2:09:53 PMNotBefore : 8/19/2009 2:09:53 PMPublicKeySize : 2048SerialNumber : 27C3D7BDB0AB64BA4C2965CDE4FA99B0Status : ValidSubject : CN=Exchange ServerThumbprint : 5189D73C84C9EDC75B46E9F73EC4C3FCCBF22D9E AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : C=US, S=VA, L=Vienna, O=Domain, OU=Exchange Server, CN=Exchange Server.domain.co mNotAfter : 8/19/2010 2:01:20 PMNotBefore : 8/19/2009 2:01:20 PMPublicKeySize : 1024SerialNumber : 687A1686F6381BA34C47226756DEE651Status : ValidSubject : C=US, S=VA, L=Vienna, O=Domain, OU=Exchange Server, CN=Exchange Server.domain.com Thumbprint : E6D31707794560388768F6D3CF14EF1C02856B82 AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : C=US, S=VA, L=Vienna, O=Domain, OU=Exchange Server, CN=Exchange Server.domain.com NotAfter : 8/19/2010 1:47:18 PMNotBefore : 8/19/2009 1:47:18 PMPublicKeySize : 1024SerialNumber : 8050888885E2809A4362F726A51061DFStatus : ValidSubject : C=US, S=VA, L=Vienna, O=Domain, OU=Exchange Server, CN=Exchange Server.domain.com Thumbprint : 7DF93246DA7329CD363A2CF2B440ACB55A0CA68B AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : C=US, S=VA, L=Vienna, O=MSPX, OU=Exchange Server, CN=Exchange Server.domain.com NotAfter : 8/19/2010 1:47:17 PMNotBefore : 8/19/2009 1:47:17 PMPublicKeySize : 1024SerialNumber : 1CC0B6615E7F2C8D4596BB60BA6D00F3Status : ValidSubject : C=US, S=VA, L=Vienna, O=Domain, OU=Exchange Server, CN=Exchange Server.domain.comThumbprint : F4CA1A31E07A0D9A62DD1163B1216EB8ED89A05D AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Exchange Server, Mail.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Exchange ServerNotAfter : 8/19/2010 11:27:18 AMNotBefore : 8/19/2009 11:27:18 AMPublicKeySize : 2048SerialNumber : A9C11F89C1F9169F41AAD12E54D3F3B5Status : ValidSubject : CN=Exchange ServerThumbprint : 4306CC0D8F24C19CC0EE6ACC3B0A4E763B8A9C96 AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Exchange ServerNotAfter : 8/19/2010 11:27:10 AMNotBefore : 8/19/2009 11:27:10 AMPublicKeySize : 2048SerialNumber : 099B878467EB938C492677B5D0C8FD78Status : ValidSubject : CN=Exchange ServerThumbprint : 08052A510B51F50343B21BDF76230A318F42A531 AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Email ServerNotAfter : 8/19/2010 10:19:50 AMNotBefore : 8/19/2009 10:19:50 AMPublicKeySize : 2048SerialNumber : A3CC0438F8B9C0A248E0A30B9F0F1027Status : ValidSubject : CN=Exchange ServerThumbprint : 1C266BA9D8C8666F7269930C7FFD6B78F50AA063 AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Exchange ServerNotAfter : 8/19/2010 10:19:33 AMNotBefore : 8/19/2009 10:19:33 AMPublicKeySize : 2048SerialNumber : A2682BE8101BE9AB43DF48E379B7F6C7Status : ValidSubject : CN=Email ServerThumbprint : F14DB5C48DEFDC695B434165424AB292D5EA012F AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Exchange ServerNotAfter : 8/19/2010 10:02:47 AMNotBefore : 8/19/2009 10:02:47 AMPublicKeySize : 2048SerialNumber : C1E5D53F1097958E4AF95AFAD99BA506Status : ValidSubject : CN=Exchange ServerThumbprint : E610AA2B1BA8AE299F85903CE776CA8AD3A0CF84 AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : FalseIssuer : CN=Domain Controller 2, DC=Domain, DC=comNotAfter : 8/14/2011 1:33:51 PMNotBefore : 8/14/2009 1:33:51 PMPublicKeySize : 1024SerialNumber : 12C78A3C000000000014Status : ValidSubject : CN=Exchange Server.domain.com, OU=Exchange Server, O=Domain, L=Vienna, S=VA, C=U SThumbprint : 748F958DA290DC5A940086F8B6357E4184E3162F AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Exchange ServerNotAfter : 10/25/2008 3:07:04 PMNotBefore : 10/25/2007 3:07:04 PMPublicKeySize : 2048SerialNumber : 89EF30DC337BC08A4DC2F93318A8F704Status : InvalidSubject : CN=Exchange ServerThumbprint : 5C7893E47E1226406BEC68661A33C44BA8BF7B3C AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System .Security.AccessControl.CryptoKeyAccessRule, System.Securi ty.AccessControl.CryptoKeyAccessRule}CertificateDomains : {Exchange Server, Exchange Server.domain.com}HasPrivateKey : TrueIsSelfSigned : TrueIssuer : CN=Exchange ServerNotAfter : 7/6/2008 11:06:56 AMNotBefore : 7/6/2007 11:06:56 AMPublicKeySize : 2048SerialNumber : 6C3CF24EFB85E69941B906DCC6C87FF8Status : InvalidSubject : CN=Exchange ServerThumbprint : C4070060C2BDD980636981AC63090AA92493C7C1

Please take a look at:http://technet.microsoft.com/en-us/library/bb232112.aspx

Hi,For the direct trust, the SMTP service must be enabled on that certificate. From your post information, I couldn't find whether the certificate has been enabled for SMTP service.You can use below commmand to enable it:Enable-ExchangeCertificate -Thumbprint E610AA2B1BA8AE299F85903CE776CA8AD3A0CF84 -Services "SMTP"ThanksAllen