OWA stopped working after updating certificate in on-prem exchange server exchange 2016

Abhishek Kumar 21 Reputation points
2022-08-19T12:22:20.593+00:00

Hello I have asked a question different portal in exchange and they suggested to check here.

Please help.

Question in another portal:

https://answers.microsoft.com/en-us/outlook_com/forum/all/owa-stopped-working-after-updating-certificate-in/36dc9ce4-a610-449d-a6bb-3f843133bb43

Attached the screenshot of the error, and below is the writeup:

Hello,

I have recently updated the SSL certificate for Exchange server for the URL and after updating i got error for ECP portal:

Image

I checked in event viewer and got this error:

[Owa] An internal server error occurred. The unhandled exception was: System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.Exchange.HttpProxy.FbaModule.ParseCadataCookies(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.FbaModule.OnBeginRequestInternal(HttpApplication httpApplication)
at Microsoft.Exchange.HttpProxy.ProxyModule.<>c__DisplayClass16_0.<OnBeginRequest>b__0()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func2 filterDelegate, Action1 catchDelegate)

Image

Followed the steps as suggested:

https://learn.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired

but I can see the certificate is not expired:

Image

Still I tried to follow the process further and generated a new certificate and when in tried set-authconfig got this error:

Image

please help on this issue.

232875-screenshot.png

Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,166 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,335 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,875 questions
{count} votes

Accepted answer
  1. Aholic Liang-MSFT 13,741 Reputation points Microsoft Vendor
    2022-08-22T08:53:09.787+00:00

    Hi @Abhishek Kumar

    This issue occurs if the Exchange Server Open Authentication (OAuth) certificate is expired, not present, or not configured correctly.

    According to the screenshot of Get-AuthConfig that you provided, the main cause for this issue is not that the certificate expires, but because the Microsoft Exchange Server Auth Certificate is not present.
    When you run the set-authconfig command, please replace <ThumbprintFromStep1> with the newly generated Thumbprint by copy-pasting it directly to avoid typing the wrong characters and manually.

    233398-2022-8-22-3.png


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1 additional answer

Sort by: Most helpful
  1. Amit Singh 4,846 Reputation points
    2022-08-23T04:29:46.35+00:00

    To fix this issue, install the latest cumulative update for Exchange Server 2019.
    Check these articles for help - https://support.microsoft.com/en-us/topic/event-ids-1003-1309-and-4999-are-logged-after-installing-exchange-server-2019-cu8-1295c555-d590-4a06-a53a-c14a0f363ee3
    https://www.stellarinfo.com/blog/microsoft-exchange-remote-code-execution-vulnerability-flaws-and-fixes/

    Also, try to replace the backend self-signed certificate for the new certificate. Do not replace those. Keep the self-signed.

    1 person found this answer helpful.