The Secure Mail Certificate on server HYBRID01 is not bound to the SMTP Service

While configuring an Exchange 2013 organization in a hybrid scenario with Office 365, the Exchange Hybrid wizard stopped and showed the following error message:

Subtask CheckPrereqs execution failed: Configure Mail flow The Secure Mail Certificate on server HYBRID01 is not bound to the SMTP Service at Microsoft.Exchange.Management.Hybrid.MailFlowTask.CheckCertPrereqs()…

This was a dedicated Exchange 2013 server for hybrid connectivity. There were two other Exchange 2013 multi-role servers (in a DAG) and two Exchange 2013 Edge Transport servers for message hygiene, but these were not used for hybrid connectivity.

Although the server was configured properly, with an SSL certificate for the hybrid.exchangelabs.nl FQDN, I forgot to bind the SMTP Transport service to this SSL certificate, as shown in the following figure:

image

A third-party SSL certificate (in this case from DigiCert) is used to set up a TLS connection between Exchange Online and Exchange on-premises, so that mail flow between the two is secured.

You can also use the Get-ExchangeCertificate | Enable-ExchangeCertificate command to bind the SMTP Transport service to the SSL certificate, as shown in the following figure:

image
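The same check and bind as a script, added here as an example and not taken from the original post. It assumes it is run in the Exchange Management Shell and uses the server name and FQDN mentioned above; adjust both for your environment.

```powershell
# Added example. Assumed values: server name and FQDN as used in this post.
$server = 'HYBRID01'
$fqdn   = 'hybrid.exchangelabs.nl'

# Find certificates on the hybrid server that cover the hybrid FQDN.
# Skip self-signed, invalid and expired ones: the TLS connection with
# Exchange Online needs a valid third-party certificate.
$certs = Get-ExchangeCertificate -Server $server -DomainName $fqdn |
    Where-Object {
        -not $_.IsSelfSigned -and
        $_.Status -eq 'Valid' -and
        $_.NotAfter -gt (Get-Date)
    } |
    Sort-Object NotAfter -Descending

if (-not $certs) {
    throw "No valid third-party certificate for $fqdn found on $server."
}

# Use the certificate with the latest expiry date.
$cert = $certs | Select-Object -First 1

# Services is a flags value (for example "IIS, SMTP"); test its string form
# so the check also works on deserialized objects in remote PowerShell.
if ("$($cert.Services)" -match 'SMTP') {
    Write-Host "Certificate $($cert.Thumbprint) is already bound to SMTP."
}
else {
    Write-Host "Binding certificate $($cert.Thumbprint) to SMTP on $server."
    # -Services is additive: existing bindings such as IIS are kept.
    # The cmdlet may ask whether to overwrite the default SMTP certificate.
    Enable-ExchangeCertificate -Server $server -Thumbprint $cert.Thumbprint -Services SMTP
}

# Confirm the result before re-running the Hybrid Configuration Wizard.
Get-ExchangeCertificate -Server $server -Thumbprint $cert.Thumbprint |
    Format-List Subject, Issuer, CertificateDomains, Services, NotAfter
```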

After binding the SMTP protocol to the SSL certificate, the Hybrid Configuration Wizard can be run again, and this time it finishes successfully (or at least does not fail on the SMTP part 😉).