Edgesync Credentials Not Found For Edge Transport
I have an Edge Server deployed in a DMZ. I generated and imported the edge subscription w/o errors. But when i run test-EdgeSynchronization on the Hub transport server i get “No Edgesync credentials were found for edge transport server…” I also receive error 1032 MSExchange EdgeSync “no credentials for edge server” in the Hub transport servers app log.
After some investigation I found out what was the cause of this problem and fixed it. It was a certificate mismatch between the Hub Transport server and the Edge Server. Actually exchange 2007 see mismatch credential in case that Exchange self signed certificate is missing (corrupted or deleted by mistake).
Steps to check the certificate problem:
1. Verify that Hub is able to communicate with Edge on port 50636.
2. Run “Get-ExchangeCertificate” cmdlet on Hub and see if there are any certificates.
3. If there are no certificates found,then regenerated Exchange self signed certificate.
4. In the Exchange Management Shell, run the “New-ExchangeCertificate” cmdlet.
5. It throws a warning and creates a new Exchange Server Certificate.
6. Restart the Transport Service on the Hub.
7. Verify that the thumbprint of the new certificate now matches with the version stored in AD .
8. Remove the present Edge Subscription from the Hub and restart Transport Service.
9. Run “Remove-EdgeSubscription” on the Edge and restart Transport Service.
10. Create a new Edge Subscription on the Edge using “New EdgeSubscription” cmdlet and import the xml file to Hub.
11. Re-subscribe the Edge using the new Subscription file.
12. Initiate synchronization using “Start-EdgeSynchronization” CMDlet.
Now the EdgeSync shall work fine.
Dude, I think I love you. Hours of my life spent though the night working on this, but countless more saved with your genius!
Remember to Remove-ExchangeCertificate followed by the corresponding thumbprint.
Brilliant! Thank You,
-Brian
Mohamed, this information has been a tremendous help to me! Thanks so much for sharing it!!!!!!!
Joel
thanks guy, thats the stuff.
I am unable to view Certificate for CAS instead I am getting MBX server certificate. Also what is the process to Verify the thumbprint of the new certificate matches with the version stored in AD
I do not understand why you want the CAS certificates..to show the thumbprint use Get-ExchangeCertificate
I think CAS certificate will be used for authentication with Edge server, correct me if I am wrong.
How to match the thumbprint of the certificate with the version stored in AD,
nop… the Hub certificate is used for EdgeSync with the Edge server
for Matching the thumbprint..just make sure that certificates have the same
Thanks a lot! I understood many this with this post. Blessings.
Excellent Article, you have saved my day, God Bless you.