MsExchange Blog Spot Telnet25

October 2, 2009

This CA root Certificate is not trusted. To Enable trust, install this certificate in the Trusted Root Certification Authorities store.

Filed under: General — telnet25 @ 4:32 am

On previous article we talked about , certificate warning

Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site’s security certificate.


The errors was causing by expired internal certificate on the CAS server or servers, as the limitation of internal issued certificates, ( expire in 1 year) we need to renew the expired certificate.

here is the link for more information


Here is summary how to deal with this situation

  • Get-ExchangeCertificate | FL  ( to see the status of cert installed and the thumbprint
  • Get-ExchangeCertificate -Thumbprint 56BB128980C53883BBF09AA0281FBC6471FB04FE | New-Certificate

**** you need to place your thumbprint

  • Get-ExchangeCertificate | FL  ( one more time to see the certs)

At this point you will see two of them , pay attention one is “Valid” one is not, it is Invalid.


you want to remove the Invalid one by typing

  • Remove-ExchangeCertificate –thumbprint 56BB128980C53883BBF09AA0281FBC6471FB04FE

Dont forget again the replace the correct thumbprint

Now you might need to enable the new cert with services

  • Enable-exchangecertificate -services IMAP, POP, UM, IIS, SMTP -Thumbprint DBA3601A10DF90E0F00462C03940C90B8BA87292

last time to make sure issue

  • Get-ExchangeCertificate | FL 

verify the Cert is valid and correct services are enable to use this internal cert.

oz Casey Dedeal,

MVP (Exchange)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +


Http:// (Blog)

Http:// (Blog)

Http:// (Blog

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

%d bloggers like this: