Read time 6 minutes
Exchange Server follows the Transport Layer Security to communicate with internal servers and various Exchange services. But it also requires communicating with external clients regularly and therefore different kinds of digital certificates are used. A digital certificate verifies the identity of the Exchange Server or user account. In an on-premises Exchange Server, there are three self-signed digital certificates used to validate the connections with various services and external clients. One such certificate is the ‘Microsoft Exchange Server Auth Certificate.’
The Auth Certificate is helpful in server-to-server authentication and integration with SharePoint Server and Skype for Business. You can check all certificates in the Certificates category under servers in Exchange Admin Center.
Many user queries say that they have a successful deployment of their Exchange Server version, but when they try to access OWA, an error pop up like this.
’Federation or Auth certificate not found: “Certificates-thumbprint.” Unable to find the certificate in the local or neighboring sites. Confirm that the certificate is available in your topology and if necessary, reset the certificate on the Federation Trust to a valid certificate using Set-FederationTrust or Set-AuthConfig. The certificate may take time to propagate to the local or neighboring sites.’
The error itself describes that the certificate is missing or cannot be configured. This disturbs the server to server authentication and communication and even blocks accessing those servers.
This issue of missing Exchange Server Auth Certificate can be resolved by creating a new certificate by running cmdlets in the Exchange Management Shell. The process of running cmdlets requires technical knowledge as well as great care to avoid any further error. Also, the user must have Exchange administrator rights to perform this procedure. If you have all this pre-requisites completed, start the process as instructed below:
When you execute the above command, it asks to confirm regarding the effective date of the certificate. Confirm it by typing Y and pressing Enter.
Note: If you have any previously installed Exchange certificate, you need to clear it with the following command.
Thus, you can fix the error ‘the Exchange Auth Certificate is missing.’
As the error was technical, the method explained above requires technical skills and expert guidance to perform it successfully. One should be familiar with running the cmdlets in the Exchange Management Shell to accomplish the desired result from the above process.
Apart from this error, there are many other Exchange errors and issues administrators face in the Exchange environment. Though we have some free methods to convert EDB to PST in case of corruption issue also, using them would be a tedious and risky task. So, we undoubtedly recommend the Exchange users stuck in these situations to go for the best Exchange data repair solution.
Kernel for Exchange Server is the best Exchange Server recovery tool which deals with all problems or errors related to the Exchange database and then recovers inaccessible Exchange mailboxes to various destinations like PST, Live Exchange, Microsoft 365, etc. The tool maintains the integrity of the Exchange data after the recovery and allows users make selection of data using the filter options before saving it to the desired location. Try its efficient features with its demo version which is available free for download on the site.
After following all the steps of given method to resolve the Exchange Server Auth Certificate missing problem, you will be able to access the mailbox without facing an issue. You can also apply for a new certificate from Microsoft and if the error remains to affect the Exchange, then you should your Kernel for Exchange Server software to recover mailbox and save it in a new Exchange account. There will be no more Auth error in new Server.
I was facing same Exchange Server Auth Certificate missing issue before but following the steps given above fix the problem and I can again work with Exchange.
I tried the process explained in this blog and it worked for me. All required details are given in this article. I am impressed!