Replace Exchange Webmail Certificate
1. Get a new SSL Certificate for webmail.huscointl.com
2. In the Certificate Manager install the certificate into Computer -> Personal Store on EXCH1-WA and EXCH2-WA
Ensure that the certificate we are importing has a Private Key, you will need this to import it onto the other server
When renewing the certificate, it would help to have a Friendly Name such as ExchangeSectigoYYYY
4. Double-click on the certificate and open the “services” section
Ensure that SMTP, IMAP and POP are selected and click “Save”
If it tells you to overwrite the existing certificate say NO
6. Expand “Certificates & Security” -> Select SSL Certificates -> Find the entry for webmail.huscointl.com -> Click on “Replace Certificate”
7. Click on “Choose File” and select the same SSL Cert we installed on the Exchange servers above
8. Navigate back to EXCH1-WA and EXCH2-WA and open IIS
9. Expand EXCH1-WA (or EXCH2-WA) -> Sites -> Select “Exchange Back End” and click on “Bindings…”
10. Double-click on “https”, under SSL Certificate select the self-signed SSL Cert (in this case Microsoft Exchange) then select “OK”
11. Finally restart the IIS service by opening a CMD prompt and typing in “iisreset” and the hit the enter key
Make sure to grab the thumbprint of the new SSL certificate which can be found by looking at the Details tab when looking at the new certificate
5485DF7E3BE96668458BAA356FA0EA09E217CA90
Run the following commands in Exchange Management Shell on Both Server:
Repeat this step on the other EXCH server
14. Make sure the message queue isn’t filling up
On both EXCH servers run the following command from an Exchange Management Shell command window
Example of queue filling up below: (we can see 549 messages stuck)
If you see messages getting stuck and have performed all previous steps, run the following command:
Retry-Queue -Identity exch1-wa\9
Re-run the Get-Queue message and verify the MessageCount is going down
**DO NOT CLOSE YOUR POWERSHELL WINDOW**
15. Next we fix the Inbound Connector
16. Verify the migration endpoint has the user for hybrid connections entered in
Office 365 -> dashboard -> migration -> … -> migration endpoints -> double-click on webmail.huscoint.com