MSExchangeTransport 11022

  • Article

 

This article provides an explanation and possible resolutions for a specific Exchange event. If you don't find what you’re looking for here, try searching Exchange 2010 Help.

Details

Product Name

Exchange

Product Version

14.0

Event ID

11022

Event Source

MSExchangeTransport

Category

MessageSecurity

Symbolic Name

TlsDomainCapabilitiesCertificateValidationFailure

Message Text

Failed to confirm domain capabilities '%1' on connector '%2' because validation of the Transport Layer Security (TLS) certificate failed with status '%3'. Contact the administrator of '%4' to resolve the problem, or remove the domain from the TlsDomainCapabilities list of the Receive connector.

Explanation

This event indicates that the Microsoft Exchange Transport service cannot validate a TLS certificate for the TlsDomainCapabilities parameter on a Receive connector.

The TlsDomainCapabilities parameter specifies the different capabilities that the Receive connector makes available to specific hosts outside your organization. TLS together with certificate validation is used to authenticate remote hosts before these capabilities are offered. The following capabilities may be offered for a domain:

  • AcceptOorgProtocol

  • AcceptOorgHeader

For more information, see the following topics:

User Action

To troubleshoot this issue, do one or more of the following:

  • Review the Application log and System log on your Exchange 2010 servers for related events. For example, events that occur immediately before and after this event may provide more information about the root cause of this error.

  • Examine the installed certificate to verify its validity. For more information, see Troubleshooting Certificate Validation Errors.

  • Resolve your issue by using self-support options, assisted support options, and other resources. You can access these resources from the Exchange Server Solutions Center. From this page, click Self-Support Options in the navigation pane to use self-help options. Self-help options include searching the Microsoft Knowledge Base, posting a question at the Exchange Server forums, and other methods. Alternatively, in the navigation pane, you can click Assisted Support Options to contact a Microsoft support professional. Because your organization may have a specific procedure for directly contacting Microsoft Product Support Services, be sure to review your organization's guidelines first.

For more information about how to configure TLS, see the following topics.