The Secure Mail Certificate on server HYBRID01 is not bound to the SMTP Service

While configuring an Exchange 2013 organization in a hybrid scenario with Office 365 the Exchange Hybrid wizard stopped and showed the following error message:

Subtask CheckPrereqs execution failed: Configure Mail flow The Secure Mail Certificate on server HYBRID01 is not bound to the SMTP Service at Microsoft.Exchange.Management.Hybrid.MailFlowTask.CheckCertPrereqs()…

image

This was a dedicated Exchange 2013 server for hybrid connectivity. There were two other Exchange 2013 multi-role servers (in a DAG) and two Exchange 2013 Edge Transport servers for message hygiene, but these were not used for hybrid connectivity.

Although the server was configured properly, with an SSL certificate for the hybrid.exchangelabs.nl FQDN I forgot to bind the SMTP Transport service to this SSL Certificate as shown in the following figure:

image

A 3rd party SSL certificate (in this case from Digicert) is used to setup a TLS connection between Exchange Online and Exchange on-premises to setup a secure mail flow between the two.

You can use the Get-ExchangeCertificate | Enable-ExchangeCertificate command to bind the SMTP Transport service to the SSL Certificate as well as shown in the following figure:

image

After binding the SMTP protocol to the SSL certificate the Hybrid Configuration Wizard can be run again and this time it finishes successfully (or at least not fail on the SMTP part 😉

One thought on “The Secure Mail Certificate on server HYBRID01 is not bound to the SMTP Service”

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s