MSExchange Certificate Deployment 2009
上一次修改主题: 2011-03-19
本文对特定 Exchange 事件进行了说明并提供了可能的解决方案。如果您在此处未找到所需内容,请尝试在 Exchange 2010 帮助中进行搜索。
Details
Product Name |
Exchange |
Product Version |
14.0 |
Event ID |
2009 |
Category |
General |
Symbolic Name |
FederationCertificateNearingExpiry |
Message Text |
The federation certificate %1 will expire in less than 15 days. Renew the certificate soon to ensure proper functionality of federation trust services. |
Explanation
In Exchange Server 2010, a federation is used for federated delegation. This allows the sharing of availability information, calendars, and contacts with recipients in external federated organizations. This Warning event is logged when the certificate that is used for federation is almost expired.
User Action
There is only one federation trust certificate created for each organization.
For example, if the servers that are running Microsoft Exchange within an organization are located in multiple Active Directory forests, the same federation trust certificate must be used within each Active Directory forest. Therefore, the organization must repeat the certificate renewal operation in each Active Directory forest. After the trust certificate is updated on a server in the Active Directory forest, the certificate is automatically distributed to all other servers within that Active Directory forest.
For more information about how to obtain a new certificate, see Understanding Federation.
For more information about how to transition to the next available certificate, see Manage Federation.
备注
Self-signed certificates for a federation trust are supported in Microsoft Exchange Server 2010 R5 and later versions. However, the federation trust must be created by using the New-FederationTrust cmdlet in Exchange Server 2010 R5.
For More Information
如果您尚未执行此操作,请考虑运行 Exchange 工具,已创建这些工具以帮助您分析 Exchange 环境并对其进行疑难解答。这些工具可帮助确保您的配置与 Microsoft 最佳实践保持一致。它们还可以帮助您识别和解决性能问题,并改进邮件流。若要运行这些工具,请转到 Exchange 管理控制台的“工具箱”节点。若要了解有关这些工具的详细信息,请参阅管理工具箱中的工具。