Event ID/Source search
Keyword searchExample: Windows cannot unload your registry file
Event ID: 12013 Source: MSExchangeTransport
Microsoft Exchange couldn't find a certificate with a thumbprint of 73A9C8A1674A0C1B888BEC98762E03CBDC5038DE in the personal store on the local computer. This certificate was configured for authentication with other Exchange servers. Mail flow to other Exchange servers will be affected by this error. If the certificate with this thumbprint still exists in the personal store run Enable-ExchangeCertificate 73A9C8A1674A0C1B888BEC98762E03CBDC5038DE <services> SMTP to resolve the issue. If the certificate doesn't exist in the personal store restore it from backup by using the Import-ExchangeCertificate cmdlet or create a new certificate for the FQDN or the server enabled for SMTP by using New- ExchangeCertificate <domain name server fqdn> services SMTP.
|English: Request a translation of the event description in plain English.|
This happens when you are missing an authorized certificate with the FQDN, and Exchange keeps calling it up to start certain services. Usually this certificate is made when you first install Exchange, but said certificate can be deleted through various means and the system does not prompt you with a warning. Not a lethal error that kills Exchange outright, but it causes some gremlin issues you might overlook.
As per article "New-ExchangeCertificate" from TechNet, you need to use the following cmdlet in the EMS:
New-ExchangeCertificate -DomainController <FQDN>
Replace <FQDN> in the command above, with the fully qualified domain name of the server that shows up in your event id error log. Usually it is something like server.domain.local.
After doing this, you might get EventID 2159 from MSExchangeADAccess. If this is so, you'll need to setup the Certificate Manager, as explained in "How to Add Certificate Manager to Microsoft Management Console" from TechNet.
Export the FQDN certificate you just made using the cmdlet mentioned previously (normally found under Certificates (Local Computer) Personal -> Certificate), and import it into the Certificate folder located under Trusted Root Certification Authority. That will clear the Event ID 2159 error, because you have made the cert authorized.
|Private comment: Subscribers only. See example of private comment|
|Links: New-ExchangeCertificate, How to Add Certificate Manager to Microsoft Management Console, EventID 2159 from source MSExchangeADAccess|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated