Exchange 2010 | EventID 12014 Microsoft Exchange could not find a certificate that contains the domain name XCH01..local in the personal store on the local computer

When you recieve the following error in your eventlog on your Exchange 2010 server

Log Name: Application
 Source: MSExchangeTransport
 Date: 4-10-2013 7:45:15
 Event ID: 12014
 Task Category: TransportService
 Level: Error
 Keywords: Classic
 User: N/A
 Computer: XCH01.<servername>.local
 Description:
 Microsoft Exchange could not find a certificate that contains the domain name XCH01.<servername>.local
 in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb
 for the connector Default XCH01 with a FQDN parameter of XCH01.<servername>.local. If the connector's
 FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed
 certificates to make sure that there is a certificate with a domain name for that FQDN. If this
 certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the
 Microsoft Exchange Transport service has access to the certificate key.
 Event Xml:
 <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System>
 <Provider Name="MSExchangeTransport" />
 <EventID Qualifiers="49156">12014</EventID>
 <Level>2</Level>
 <Task>12</Task>
 <Keywords>0x80000000000000</Keywords>
 <TimeCreated SystemTime="2013-10-04T05:45:15.000000000Z" />
 <EventRecordID>1053554</EventRecordID>
 <Channel>Application</Channel>
 <Computer>XCH01.<servername>.local</Computer>
 <Security />
 </System>
 <EventData>
 <Data>XCH01.<servername>.local</Data>
 <Data>Default XCH01</Data>
 </EventData>
 </Event>

Open powershel for Exchange
Enter command Get-ExchangeCertificate |FL to see if there is a certificate. You can see this also in the Exchange Console (EMC)

enter the command Get-ReceiveConnector | FL name, fqdn, objectclass
You see there is a local FQDN.

You need to enter New-ExchangeCertificate. You get a message to overwrite the current default SMTP certificate.
you have to CLICK NO.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.