This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 91%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
as above error, however, i have already checked the certificate and it is normal, i also had done the same steps as suggestion by microsoft,
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -DomainName @()
Set-AuthConfig -NewCertificateThumbprint <新的证书ID> -NewCertificateEffectiveDate (Get-Date)
Set-AuthConfig -PublishCertificate
Set-AuthConfig -ClearPreviousCertificate
————————————————
but when i accessed the ecp, the same error shown:
HMACprovider.GetCertificates:ProtectionCertificates.Length<1
how can i resolve the issue?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 67%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJK%3C/text%3E%3C/svg%3E)
Use this to create a new certificate:
Make sure you restart the WebAppPools mentioned in the documentation. It should take effect immediately but can take up to an hour to take effect.
while actually i had done it yesterday in accordance with Microsoft, but i didn't work. this morning i open the ecp again and find it working.
i don't know what's the reason, but anyway thank you very much.
Yeah, sometimes it can take a while to propagate. Glad it's working now though! Please can you accept my answer as the solution as well? Thanks.
Are you sure the new certificate thumbprint is assigned to ECP and OWA virtual directories?
If so, you can try an IISreset, to restart all the web services, this error web page comes after you put the credentials for login to ECP?
Regards.
how to check if the new certificate thumbprint is assgigned to ecp? are there any PS command?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 94%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELM%3C/text%3E%3C/svg%3E)
Hi @老马 负轭 ,
Welcome to our forum.
Is ECP working now?
“While actually i had done it yesterday in accordance with Microsoft, but i didn't work. this morning i open the ecp again and find it working.”
After creating and deploy a new OAuth certificate to the Exchange server, you need to wait for a few hours for the ECP to work. It should take effect immediately if you restart IIS or recycle the Outlook on the web and EAC application pools.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi,
It has been a few days and I am checking in to see how things are going on with this issue.
If the above suggestion helps, please click “Accept answer” to mark helpful reply. Your action would be helpful to other users who encounter the same issue and read this thread.
warm thanks.
many thanks LilyLi2, the ECP is working. however, i have restarted the IIS and even restarted the server, but actually it took a night to effect as i can access the ECP the second morning.
Hi @老马 负轭 ,
In that case can you please accept my answer above as the accepted answer so people in the Q/A forum can use this in future.
Thanks in advance,
Jonathon