This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 24%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
on exchange 2013 (we are in hybrid mode btw) , preparing to upgrade to latest CU23, doing prereqs and found that although I have a certificate named "Microsoft Exchange Server Auth Certificate" and it is assigned to SMTP, it appears I do not have a valid certificate for OAuth. even though everything is working fine.
so I run this in powershell:
Get-AuthConfig).CurrentCertificateThumbprint | Get-ExchangeCertificate | Format-List
and I receive the error:
A special Rpc error occurs on server EXCHANGSERVER: The certificate with thumbprint
blahblahblah was not found.
so I go to create new OAuth cert by running this in powershell:
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate1" -myemaildomain.com @()
and get this error in return:
A positional parameter cannot be found that accepts argument ''."
as far as I can tell I am following the example correctly, from what I have seen online it does require the .com at the end of my email domain, and that is the only "." i see. can someone point out my mistake?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 67%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Any progress so far? Has your certificate been rebuilt successfully by specifying the domain name?
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Needs to be:
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate"
-DomainName myemaildomain.com -Services SMTP
If prompted to overwrite the existing SMTP Certificate, choose NO.
so I need to remove the "@()" at the end? all the examples I saw online had that.
Correct. you dont need that @().
It just represents the empty array
Enter your email domain there instead after the -DomainName switch
-DomainName myemaildomain.com