Click for text version
Magnus Wedberg / home

Exchange 2010/Office 365 hybrid configuration certificate woes
If you are setting up an Exchange hybrid configuration with the wizard, and are getting the "No valid certificate exists for the hub transport server(s)" although seeing certificates in the dropdown, and have tried verifying that your certificate's RootCAType is Third party, and that it is assigned to both IIS and SMTP, there may be an easier solution not mentioned anywhere else.

Remove all old expired certificates with the same name you might have lying around. Note that while you can do this from the Exchange console (Microsoft Exchange On-premises/Server configuration/Select your server/Exchange certificates, at the bottom), it may not actually update the view (even if refreshing) so it looks like it doesn't work, but it does, if you want you can verify this in the certificate store (Certificates/Local/Certificates) accessible in MMC Certificates. You can also watch them disappear with Get-ExchangeCertificate | fl of course.

Afterwards, just back up in the wizard and go forward again, you don't have to re-run the wizard.

photos articles services about