by butsch
7. March 2017 15:53
You try to activate a WILDCARD Certificate for IMAP or POP Services for Exchange 2010.
Either GUI or Powershell this does not work as wanted:
|
Enable-ExchangeCertificate -Server ' exchange2010' -Services 'IMAP, IIS, SMTP' -Thumbprint 'C22E2AE9FC07C7DA55454522B0E0ACF996C8' |
ERROR:
This certificate with thumbprint C22E2AE9FC0646473449422B0E0ACF996C8 and subject '*.butsch.ch' cannot used for IMAP SSL/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command Set-IMAPSettings to set X509CertificateName to the FQDN of the service.
Solution:
Is to set the parameter with SET-POPSETTINGS and set-IMAPSETTINGS:
Set-POPSettings -X509CertificateName exchange2010internalname.butsch.ch
Set-IMAPSettings -X509CertificateName exchange2010internalname.butsch.ch
Restart the services:
restart-service MSExchangePOP3
restart-service MSExchangeIMAP4
Check what you changed:
Get-popsettings
Get-imapsettings
Technet Links:
Exchange 2010
https://technet.microsoft.com/de-de/library/bb691401(v=exchg.141).aspx
For Exchange 2013:
If you want this active FROM External (Which we don't recommend!) on your 2013 don't forget to set these parameters:
Set-POPSettings -ExternalConnectionSetting {mysamplenamethirdleveldomain.butsch.ch:995:SSL}
Set-ImapSettings -ExternalConnectionSetting {mysamplenamethirdleveldomain.butsch.ch:993:SSL}
https://technet.microsoft.com/en-us/library/jj657728(v=exchg.150).aspx
Exchange 2013 Log Options:
https://technet.microsoft.com/de-de/library/aa997690(v=exchg.150).aspx
Done forget to enable (Turn to automatic) the POP or IMAP3 Service and start it.
4195947a-9098-44e1-b58a-afe8b74c309d|139|5.0|27604f05-86ad-47ef-9e05-950bb762570c
Tags: