服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Exchange 2010 POP3 / IMAP4 / Transport服务抱怨他们在蓝屏后无法findSSL证书
Intereting Posts
Nginx – SSL,HSTS和代理请求到不同的CN Apache Tomcatpipe理页面 如何使rsync使用sudo 有没有一种好的方法来保持IPv6组播数据包closuresWiFi? 将进入点和CMD放入主pipe 用户权限分配策略与本地组成员之间的关系是什么? 如果网关位于不同的子网中,则安装CentOS 反向代理不提供本地错误页面 PCI-E转接卡可防止服务器启动 SSH公钥authentication – 总是要求用户生成自己的密钥对? Openvpn多个实例获得单一状态 如何为特定的python版本安装python模块 我可以隐藏所有服务器/操作系统信息? 为什么mkfs在Ubuntu 12.04的RAID分区上覆盖LVM上的LUKSencryption标题? RAID10 – 清洁,降级 – 缺less磁盘

Exchange 2010 POP3 / IMAP4 / Transport服务抱怨他们在蓝屏后无法findSSL证书

我们有一个单服务器Exchange 2010安装程序。 在今天凌晨,服务器有一个蓝色的屏幕,并重新启动。 回来后,POP3 / IMAP4和传输服务抱怨,他们找不到mail.example.com正确的SSL证书。

POP3: 

Log Name: Application Source: MSExchangePOP3 Date: 2012/04/23 11:45:15 AM Event ID: 2007 Task Category: (1) Level: Error Keywords: Classic User: N/A Computer: exch01.domain.local Description: A certificate for the host name "mail.example.com" couldn't be found. SSL or TLS encryption can't be made to the POP3 service.

IMAP4: 

 Log Name: Application Source: MSExchangeIMAP4 Date: 2012/04/23 08:30:44 AM Event ID: 2007 Task Category: (1) Level: Error Keywords: Classic User: N/A Computer: exch01.domain.local Description: A certificate for the host name "mail.example.com" couldn't be found. Neither SSL or TLS encryption can be made to the IMAP service.

运输: 

 Log Name: Application Source: MSExchangeTransport Date: 2012/04/23 08:32:27 AM Event ID: 12014 Task Category: TransportService Level: Error Keywords: Classic User: N/A Computer: exch01.domain.local Description: Microsoft Exchange could not find a certificate that contains the domain name mail.example.com in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default EXCH01 with a FQDN parameter of mail.example.com. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.

奇怪的是,Get-ExchangeCertificate显示所有相关服务启用了证书,并且OWA正在使用该证书完美地工作。 

 [PS] C:\Users\graeme\Desktop>Get-ExchangeCertificate Thumbprint Services Subject ---------- -------- ------- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ....S. CN=exch01 YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY ....S. CN=exch01 ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ IP.WS. CN=mail.example.com, OU=Domain Control Validated, O=mail.exa...

这是计算机帐户的个人证书商店中的证书:

有没有人有任何获得POP3 / IMAP4 / SMTP指针再次使用该证书?

  1. 运行启用-ExchangeCertificate -Thumbprint -Service POP,对IMAP执行相同的操作:)。
  2. 检查您是否在CA服务器上启用了证书

我只validation客户端访问服务器对Internet的访问权限,如果证书更新没有警告,则在Microsoft Exchange的EMC中查看。