What are the symptoms of an expired "Microsoft Exchange Server Auth Certificate"?

Caspar - ABO 161 Reputation points
2023-01-17T13:01:51.8633333+00:00

So I recently inherited an older Exchange 2013 Standard server (fully patched)

I noticed that the Microsoft Exchange Server Auth Certificate has been expired for a long time.

There are no complaints or any issues reported by the users but I have noticed a few things myself and I wonder if they are related.

I know how to renew this certificate but I wonder if anyone knows what kind of symptoms you would see if such a certificate has expired?

[Image

](https://filestore.community.support.microsoft.com/api/images/95392211-915b-4aba-9377-139901b1015c?upload=true)

What I noticed myself is some users, not all, get a message that the server is unavailable if you want to set an Out of office reply from Outlook. Setting Out of office using OWA works fine.

I also noticed that in Outlook, some users get mailboxes automapped even though they don't even have Full Access anymore. If you create a new Outlook profile these mailboxes show up again but when viewing ECP no Full Access permissions are listed...

Could these be related?

Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
956 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,206 questions
Microsoft Exchange
Microsoft Exchange
Microsoft messaging and collaboration software.
336 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Andy David - MVP 137.9K Reputation points MVP
    2023-01-17T13:15:04.5366667+00:00

    I don't typically relate that to an expired OAuth cert, however there has been a lot of changes in the last year with security updates and Exchange, so you absolutory need to renew that cert.

    The latest Jan 2023 SU for example:

    [https://support.microsoft.com/en-us/topic/certificate-signing-of-powershell-serialization-payload-in-exchange-server-90fbf219-b0dd-4b2c-8a68-9d73b3309eb1

    User's image

    0 comments No comments

  2. Yuki Sun-MSFT 40,176 Reputation points
    2023-01-18T07:45:47.71+00:00

    Hi @Caspar - ABO ,

    Could these be related?

    Regarding the automapping issue, personally I haven't seen similar cases which was caused by an expired OAuth cert. But the issue when accessing the Out-of-Office settings might have something to do with it based on what I've read.

    Below is a blog which lists some potentially relevant symptoms of an expired OAuth cert:
    [Expired Microsoft Exchange Server Auth Certificate]
    (Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.)
    1

    This official document also mentions that users may having problem accessing OWA/ECP when the OAuth cert is expired.

    Anyways, agree with Andy that it's highly recommended to renew this certificate soon.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.