Contact Us

|

Careers

|

Change Locale
close

Important Notice about Certificate Expiration for Exchange 2013 Hybrid Customers

Microsoft | Posted on March 1, 2016

 

If you’re running Exchange 2013 and you’ve configured a hybrid deployment with Office 365, this post contains important information that might impact you. Please evaluate this information and take any necessary action before April 15, 2016.

On 19th February 2016, the Microsoft Exchange Team issued a technical advisory notice on the Exchange Team Blog.

On April 15 2016, the Office 365 TLS certificate will be renewed in the Office 365 datacenter. This certificate is used by Office 365 to provide TLS encryption between Office 365 and external SMTP servers. The new certificate, which will help improve the security of mail sent to and from Office 365, will be issued by a new Certificate Authority and it will have a new Issuer and Subject.

This change has the potential to stop hybrid mailflow between Office 365 and your on-premises Exchange servers if one of the following conditions applies to you:

  • Your on-premises Exchange servers are running Exchange 2013 Cumulative Update 8 (CU8) or lower.
  • You’ve upgraded the Exchange 2013 servers that handle hybrid mailflow to Exchange 2013 CU9 or higher. However, since upgrading to CU9, you HAVE NOT re-run the Hybrid Configuration wizard.

If one of the previous conditions applies to your organization, hybrid mailflow between Office 365 and your organization will stop working after April 15, 2016.  This only affects hybrid mailflow. Regular mailflow and TLS encryption is NOT affected.

Solution:

1. Use Hybrid Configuration Wizard (HCW)

  • If you are running Exchange 2013 CU8 or lower, follow these instructions to update to the latest version of Exchange 2013
  • When you update Exchange 2013, download the new HCW and run the wizard (Instructions are here)

2. Manual Update (if #1 fails)

  • Open Exchange Management Shell and within each Exchange 2013 server (hybrid mail flow only), run the following commands:

$rc=Get-ReceiveConnector |where {$_.TlsDomainCapabilities -like “*<I>*”}
Set-ReceiveConnector -Identity $rc.Identity -TlsDomainCapabilities “mail.protection.outlook.com:AcceptCloudServicesMail

3. Let Softchoice help you

  • We have Microsoft Exchange experts who can assist you with this, by scheduling a short virtual engagement to walk through this update with you or perform it for you. This typically doesn’t take longer than 2 hours.
  • We also recommend to take this opportunity to do a broader assessment of your Office 365 Exchange Online and On Premise hybrid deployment. We call this a Health Analyzer service that is designed to audit your features and functions configurations. Based on the results of that check, we then will provide you with recommendations and best practices. This engagement will typically last a day to 3 days depending on the scale of your environment and is typically done remotely.
  • Download this to learn more about our Office 365 services.

Related Articles

Culture | August 14, 2020 by Softchoice

Picture someone about to start their first day at an exciting new job.   A few weeks ago, they completed several great interviews – all using video calling software.    Now, they begin Day 1: grabbing a cup of coffee, signing into their computer, starting their onboarding documentation. Just after 9 am, they get ready to meet with their new manager and teammates – all people they’ve only met through a computer screen.   Later that day, a representative from their human resources (HR) team reaches out to check-in about their experience as a candidate and now as […]

Culture | August 6, 2020 by Softchoice

This July, we celebrated our third annual Social Impact Month.   At Softchoice, July serves as a rallying point for every person in the company to generate meaningful impact. With the unprecedented events of this year, it was more important than ever that we looked to better support the communities in which we live and work while building a more giving and compassionate culture.   Although our […]

Culture | July 27, 2020 by Softchoice

Toward the end of February, the reality of the COVID-19 pandemic was becoming more evident to the Softchoice leadership team. Our People and Growth leaders knew they would need an agile response to keep our people and our customers safe.    Our business continuity plans to address technology redundancy were in place.  As a result of processes that had been in place for 3 years, we were perhaps ahead of most in our ability to move to a full remote work […]