Get Receive Connector Certificate Thumbprint, Feb 21, 2024 · Use Get-ReceiveConnector to identify the TlsCertificateName property of the desired connector. Feb 15, 2016 · The solution here is in the configuration of the receive connector that authenticated SMTP clients will be connecting to. lets say my domain is contoso. Where I am hitting a roadblock is I want to add the cert but only where it is needed. Aug 22, 2025 · Collect the new certificate information and run the commands to set the TLS certificate on the send connector and receive connector. If you have multiple certificates with the same FQDN, you can see which certificate Exchange selects by using the DomainName parameter to specify the FQDN. Nov 12, 2020 · –>Update the TLSCertificateName attribute on the Exchange On-Premises (Hybrid) Receive Connector which is receiving email from Office 365. Configuring the receive and send connector First, the thumbprint of the Solved. Obviously you will need to edit those commands with the actual connector names. Run Get-ExchangeCertificate -Thumbprint [Thumbprint from Get-ReceiveConnector] to retrieve details of the specific certificate. g. contoso. Oct 21, 2015 · For authenticated relay, configure the TLS certificate for the client front end connector For anonymous relay, configure a new receive connector that is restricted to specific remote IP addresses Determining Internal vs External Relay Scenarios There are generally two types of SMTP relay scenarios that Exchange Server 2016 is used for: Apr 13, 2022 · This connector is only for internal sending so we are using an internal CA for the cert. See update at bottom. Feb 11, 2018 · The situation is similar for wildcard certificates, where the corresponding wildcard entry is normally set as the common name and SAN attribute (e. com on the local server. New certificate is from same issuer as the old certificate. I've created a new certificate and it is installed on the server and available in Get-ExchangeCertificate. I had to renew (actually update) our hybrid Exchange 2016's certificate. Apr 16, 2021 · Removing and replacing certificates from Send Connector would break the mail flow. Follow these step-by-step instructions to update the TLS certificate name. Feb 21, 2024 · The receive connectors do not care or know about the thumbprint of the certificate. *. Using this command seems wrong, it prompts to replace other certs. Its looking for a certificate assigned to the SMTP service and with a subject name that matches the FQDN set on the connector. i followed the below steps but how do i validate tls certificate is renewed for these connectors A Send connector or Receive connector selects the certificate to use based on the fully qualified domain name (FQDN) of the connector. A quick Feb 13, 2024 · Learn how to obtain exchange certificates and update the TLS certificate name on a receive connector in Exchange. Mar 31, 2018 · In this article we are going to configure a certificate that was issued by a third part authority to the Client Frontend receive connector. We'll start with getting the thumbprint of the certificate using the Get-ExchangeCertificate cmdlet: Feb 3, 2022 · In this example, we will be setting the TLS Certificate Name on our Client Frontend Receive Connector. You can't use self-signed certificates for hybrid transport authentication. Another way is to rerun the Office 365 Hybrid Configuration Wizard and select the new certificate. May 9, 2025 · You can also set the TlsCertificateName value on the Receive connector by performing the following steps: Retrieving Thumbprint of a valid SMTP-enabled third-party certificate. i went to certificates and added the new wildcard certificate and noted the thumbprint. To firstly get the thumbprint of the certificate you want to use, you can run the following command from the Exchange Management Shell: Get-ExchangeCertificate This example displays detailed information for the Receive connector named Receive Connector for Contoso. Nov 12, 2020 · Then use the following PowerShell to apply the certificate to both the Send and Receive Connectors. To solve the problem, however, it is not necessary to replace the certificate; it is sufficient to configure the send and receive connectors accordingly. Apr 7, 2022 · Hi All I am using exchange 2016 hybrid environment. However, when I try to delete the old certificate, I get a warning that our 365 send connector is still using it. frankysweb. Note: Copy the certificate thumbprint because you need it when you renew Microsoft Exchange certificate in the next step. If you still want to proceed then replace or remove these certificates from Send Connector and then try this command. ” Mar 9, 2024 · Run the Get-ExchangeCertificate cmdlet to check the existing Microsoft Exchange certificate status. de). com which has expired. I assigned the new cert to the same services as the old one and said yes when asked if I want to overwrite. Even though you have enabled a valid SSL certificate for SMTP, the connector needs to be configured with the “TLS certificate name” that you want to use. com and i am using wild certificate *. $Cert = Get-ExchangeCertificate -Thumbprint <New Exchange Certificate> Receive Connector Zertifikate Inhaltsverzeichnis Kurzfassung Connectorwahl TLS-Auswahl STARTTLS TLSCertname Default Certificate TLS abfragen Banner Problem: Hostname <> Public Externe Receive Connectoren Exchange Hybrid Routing Zusammenfassung Weitere Links. Dec 18, 2025 · Troubleshoot issues with certificates In most cases, the following certificate-related issues affect hybrid functionality: Certificate type: The certificate used for secure hybrid transport and defined in the Hybrid Configuration wizard must be issued from a commercial CA. pf6l, 51ggg, to1, r5brg, k1al, hszf, dyy, f9t, xrkw7, d2hpj0ur,
© Copyright 2026 St Mary's University