This happens when you are missing an authorized certificate with the FQDN, and Exchange keeps calling it up to start certain services. Usually this certificate is made when you first install Exchange, but said certificate can be deleted through various means and the system does not prompt you with a warning. Not a lethal error that kills Exchange outright, but it causes some gremlin issues you might overlook.
As per article "New-ExchangeCertificate" from TechNet, you need to use the following cmdlet in the EMS:
New-ExchangeCertificate -DomainController <FQDN>
Replace <FQDN> in the command above, with the fully qualified domain name of the server that shows up in your event id error log. Usually it is something like server.domain.local.
After doing this, you might get EventID 2159 from MSExchangeADAccess. If this is so, you'll need to setup the Certificate Manager, as explained in "How to Add Certificate Manager to Microsoft Management Console" from TechNet.
Export the FQDN certificate you just made using the cmdlet mentioned previously (normally found under Certificates (Local Computer) Personal -> Certificate), and import it into the Certificate folder located under Trusted Root Certification Authority. That will clear the Event ID 2159 error, because you have made the cert authorized.