Since updating our SSL Certificate Migration Endpoint cannot connect to On Prem Exchange

Steve Cox 0 Reputation points
2024-06-18T09:03:28.74+00:00

Have Tried Recreating the the Endpoint but it will not Validate, when I run Test-MigrationServerAvailability I get the Following

"Result : Failed

Message : The connection to the server 'Server Name‎‎' could not be completed.

SupportsCutover : False

ErrorDetail : Microsoft.Exchange.Migration.MigrationServerConnectionFailedException: The connection to the server 'Server Name‎' could not be completed.

               ---> Microsoft.Exchange.MailboxReplicationService.MRSRemoteTransientException: The call to 'https://URL/EWS/mrsproxy.svc' timed out. Error details: 

              The request channel timed out attempting to send after 00:00:00. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the 

              Binding. The time allotted to this operation may have been a portion of a longer timeout. --> The HTTP request to 'https://URL/EWS/mrsproxy.svc' has 

              exceeded the allotted timeout of 00:00:00. The time allotted to this operation may have been a portion of a longer timeout.

               ---> Microsoft.Exchange.MailboxReplicationService.MRSRemotePermanentException: The request channel timed out attempting to send after 00:00:00. Increase the timeout 

              value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.

               ---> Microsoft.Exchange.MailboxReplicationService.MRSRemotePermanentException: The HTTP request to 'https://URL/EWS/mrsproxy.svc' has exceeded the 

              allotted timeout of 00:00:00. The time allotted to this operation may have been a portion of a longer timeout.

              OriginalFailureType: TimeoutException, WellKnownException: MRSRemote 
Microsoft Exchange Online
Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,180 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,985 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Noah Ma-MSFT 2,340 Reputation points Microsoft Vendor
    2024-06-19T09:01:22.3+00:00

    Hi @Steve Cox,

    Thank you for posting to Microsoft Community.

    Based on your description, I understand there is an issue with the connection in your migration endpoint after you updated your SSL Certificate.

    I suggest you could try the following to troubleshoot.

    • Check whether TLS 1.2 is enabled.
    • Please disabled and enabled MRS option and then restarted IIS to take the action effective.
    • Enable basic authentication on Web Services Virtual Directory by the following command: Set-WebServicesVirtualDirectory -Identity "Server\EWS (default Web site)" –BasicAuthenticaition $true
    • Check proxy and firewall settings and ensure your firewall settings to allow connections from O365. You can refer to Microsoft 365 URLs and IP address ranges - Microsoft 365 Enterprise | Microsoft Learn for more information.

    You can refer scenario 1 in the document for more information: Troubleshooting Hybrid Migration Endpoints in Classic and Modern Hybrid - Microsoft Community Hub.

    Also, please verify that your certificate is properly configured and trusted by all parties involved since it just occurred when you updated the certificate.

    Hope it helps and if there are anything else you need help, please feel free to contact me.


  2. Amit Singh 4,866 Reputation points
    2024-06-20T11:40:04.74+00:00

    Steps to diagnose and potentially resolve the issue:

    -Double-check the SSL certificate installation on your Exchange server.

    -Sometimes, restarting Exchange services can resolve connectivity issues after certificate updates. Restart the Microsoft Exchange Mailbox Replication service (MSExchangeMailboxReplication) and any other relevant Exchange services.

    -Ensure that your firewall and any proxy servers are not blocking traffic required for migration endpoints to connect to Exchange. Verify that necessary ports (like HTTPS/443) are open and correctly forwarding traffic to your Exchange server.

    -Review the configuration of your Migration Endpoint. Ensure that the settings, including the server name and authentication credentials, are accurate and up to date.

    -Confirm that Autodiscover is correctly configured and functioning for your Exchange server environment.

    -If the credentials for the Migration Endpoint have changed (for example, due to password updates), ensure that you update them in the migration endpoint configuration.

    0 comments No comments