Replacing expired internal transport certificate in Microsoft Exchange Hub Transport Server with new certificate

As a busy system administrator, you could overlook as below event logs.

You need to renew the expired internal transport certificate when you see this event logs.

It's easy.

First you need to check the certificate details with Powershell command as below

Get-ExchangeCertificate | fl

Then you know what certificate is expired and what are its service and thumbprint.

Once you knew all details about it, take note/copy thumbprint of it and try to replace with new certificate by using Powershell command as below.

Get-ExchangeCertificate –Thumbprint "Invalid Certificate Thumbprint Here" | New-ExchangeCertificate 

Powershell will prompt you to perform overwrite the existing certificate. Just type "Y" or "Yes" or hit "Enter".

Now you already replaced out of date internal transport certificate.

Next step is to remove the invalid/ out of date certificate.

Use below Powershell command to remove it.

Remove-ExchangeCertificate -ThumbPrint "old-thumbprint-here"

Yes. You've done in replacing new certificate with old certificate and removed the invalid certificates from your server.

May you all be happy.
(Be knowledgeable, pass it on then)

Post a Comment