To add a large point to that, the self-signed cert should *not* be removed or
you'll break it. I don't know the intimate details however it's my
understanding internal servers and consoles etc use this to communicate. I
snaped a lab recently and removed it and after a reboot it was awefully
bro
Use openssl to determine what cert is actually being presented. Or turn up
logging on the relevant receive and send connectors and examine those logs for
the third-party.
The LAST certificate set for use by SMTP should be the one that is used, except
internally, which should use the internal de
We run Exchange 2010 in a two-node DAG. There is a third-party hosted product
that we have an IPsec VPN with, but they fail to send email as they do not
trust the certificate being presented to them. On each node, there is a
self-signed certificate each server has issued to itself (EXSRVR1/EXSRV
