creating new OAuth certificate exchange 2013

Captain Kirk 121 Reputation points
2021-11-28T20:23:54.467+00:00

on exchange 2013 (we are in hybrid mode btw) , preparing to upgrade to latest CU23, doing prereqs and found that although I have a certificate named "Microsoft Exchange Server Auth Certificate" and it is assigned to SMTP, it appears I do not have a valid certificate for OAuth. even though everything is working fine.

so I run this in powershell:
Get-AuthConfig).CurrentCertificateThumbprint | Get-ExchangeCertificate | Format-List

and I receive the error:

A special Rpc error occurs on server EXCHANGSERVER: The certificate with thumbprint
blahblahblah was not found.

  • CategoryInfo : NotSpecified: (:) [Get-ExchangeCertificate], InvalidOperationException
  • FullyQualifiedErrorId : [Server=EXCHANGSERVER,RequestId=dfgde3r53dfg33,TimeStamp=11/28/2021 4
    :42:18 PM] [FailureCategory=Cmdlet-InvalidOperationException] CDB48CE5,Microsoft.Exchange.Management.SystemConfigurationTasks.GetExchangeCertificate
  • PSComputerName : exchangserver.mydomain.com

so I go to create new OAuth cert by running this in powershell:

New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate1" -myemaildomain.com @()

and get this error in return:
A positional parameter cannot be found that accepts argument ''."

as far as I can tell I am following the example correctly, from what I have seen online it does require the .com at the end of my email domain, and that is the only "." i see. can someone point out my mistake?

Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,238 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
6,091 questions
{count} votes

Accepted answer
  1. Andy David - MVP 109.9K Reputation points Microsoft MVP
    2021-11-28T20:46:01.81+00:00

    Needs to be:

    New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate"   
    -DomainName myemaildomain.com -Services SMTP  
    

    If prompted to overwrite the existing SMTP Certificate, choose NO.

    https://learn.microsoft.com/en-us/exchange/troubleshoot/administration/exchange-oauth-authentication-could-not-find-the-authorization


0 additional answers

Sort by: Most helpful