Microsoft Exchange 2007 regularly logs following errors in Windows Application Logs:
Event ID: 12014
Microsoft Exchange could not find a certificate that contains the domain name <server-name.domain.local> in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Default Send Connector with a FQDN parameter of <server-name.domain.local>. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
As the error description suggest, the issue is caused by Microsoft Exchange not being able to find a certificate with a certificate domain value as it appears in the default Send Connector (very similar error could be also logged for the Receive Connectors).
To resolve the issue create a new self-signed certificate with matching FQDN and assign it to the SMTP service:
- Open Exchange Management Console and run: New-exchangecertificate -domainName <server-name.domain.local>
- It should automatically prompt you to assign the new certificate to the SMTP service. If it doesn't, you can do it manually:
- Run Get-ExchangeCertificate | FL
- Copy Thumbprint value of your new certificate
- Run Enable-ExchangeCertificate -thumbprint "<Thumbprint_Value>" -services SMTP
Windows Small Business Server 2008
Microsoft Exchange Server 2007