MSExchangeTransport 12013

 

Topic Last Modified: 2011-03-19

This article describes a specific Exchange event and provides possible solutions. If you do not find what you need here, try searching Exchange 2010 Help.

Details

Product Name: Exchange

Product Version: 14.0

Event ID: 12013

Event Source: MSExchangeTransport

Category: TransportService

Symbolic Name: CannotLoadInternalTransportCertificateFromStore

Message Text: Microsoft Exchange could not load the certificate with thumbprint of %1 from the personal store on the local computer. This certificate was configured for authentication with other Exchange servers. Mail flow to other Exchange servers could be affected by this error. If the certificate with this thumbprint still exists in the personal store, run Enable-ExchangeCertificate %1 -Services SMTP to resolve the issue. If the certificate does not exist in the personal store, restore it from backup by using the Import-ExchangeCertificate cmdlet, or create a new certificate for the FQDN or the server enabled for SMTP by running the following command: New-ExchangeCertificate -DomainName serverfqdn -Services SMTP.

Explanation

This Error event indicates that the certificate that is used for direct trust authentication with other Microsoft Exchange servers on this computer cannot be found. Direct trust means that Microsoft Exchange Server 2010 uses a trusted store, such as Active Directory or Active Directory Lightweight Directory Services (AD LDS) directory service. Direct trust also means that the presence of the certificate in the store validates the certificate. When you subscribe an Edge Transport server to the Exchange organization, the Edge Subscription publishes the Edge Transport server certificate in Active Directory for the Hub Transport servers to validate. The Microsoft Exchange EdgeSync service updates AD LDS with the set of Hub Transport server certificates for the Edge Transport server to validate.

The transport server that returned this error is configured to use a specific certificate, which is identified by the Thumbprint field on the certificate. The certificate that has been configured for this server no longer exists in the computer personal certificate store, or if it does exist, it is not enabled for SMTP.

User Action

To resolve this error, you must search the computer's personal certificate store to determine whether the certificate exists. Open the computer's personal certificate store, open each certificate, and compare the Thumbprint value on each certificate to the Thumbprint value that was returned with this error.

For more information about how to use the Microsoft Management Console (MMC) to open and view certificates in the computer's personal certificate store, see "Step 1: Add Certificate Manager to the Microsoft Management Console" in Test PKI and Proxy Configuration.

  • If the certificate exists, you must enable the certificate for SMTP by running the Enable-ExchangeCertificate cmdlet. For more information about how to enable the certificate for SMTP, see Enable-ExchangeCertificate.

  • If the certificate does not exist, you must use the New-ExchangeCertificate cmdlet to create a new internal transport certificate on the computer that returned this Error event. Running the New-ExchangeCertificate cmdlet with no parameters creates an SMTP-enabled internal transport certificate for direct trust. For more information, see New-ExchangeCertificate.

  • If this error occurred on a Hub Transport server, you must create the internal transport certificate on the Hub Transport server where the error occurred. After you have created the certificate, restart the Microsoft Exchange EdgeSync service to update the certificate information on the Edge servers that are subscribed to the organization.

  • If this error occurred on an Edge Transport server, you must create the internal transport certificate on the Edge Transport server where the error occurred. After you have created the certificate, re-subscribe the Edge Transport server to the Exchange organization to update the certificate information in Active Directory.

  • If you are not running the Microsoft Exchange EdgeSync service, you must manually update the certificate. For more information, see Configure Mail Flow Between an Edge Transport Server and Hub Transport Servers Without Using EdgeSync.
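The thumbprint comparison described under User Action can also be done from the Exchange Management Shell instead of opening each certificate in MMC. The script below is an added example, not part of the original Microsoft topic. It is read-only, reports which of the cases above applies, and assumes that insertion string %1 of the event is its first property.

```powershell
# Added example: read-only triage for event 12013. Run it in the Exchange
# Management Shell on the server that logged the event. It changes nothing.
param(
    # Thumbprint from the event text; if omitted, read from the newest 12013 event.
    [string]$Thumbprint
)

if (-not $Thumbprint) {
    $evt = Get-WinEvent -FilterHashtable @{
        LogName = 'Application'; ProviderName = 'MSExchangeTransport'; Id = 12013
    } -MaxEvents 1 -ErrorAction Stop
    # Assumption: insertion string %1 of the message is the first event property.
    $Thumbprint = [string]$evt.Properties[0].Value
}

# Values pasted from the certificate dialog often carry spaces or invisible
# characters, so keep only the hex digits before comparing.
$tp = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()
if ($tp.Length -ne 40) {
    throw "Expected a 40-hex-digit thumbprint, got '$Thumbprint'."
}

# Case 1: is the certificate in the computer's personal store at all?
$storeCert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $tp }

if (-not $storeCert) {
    "Certificate $tp is NOT in the computer's personal store (LocalMachine\My)."
    "Restore it with Import-ExchangeCertificate or create one with New-ExchangeCertificate."
    return
}

# Case 2: it exists, so check which services Exchange has it enabled for.
$exCert = Get-ExchangeCertificate -Thumbprint $tp -ErrorAction SilentlyContinue
$exCert | Format-List Thumbprint, Subject, NotAfter, HasPrivateKey, Services

if ("$($exCert.Services)" -notmatch 'SMTP') {
    "Certificate is present but not enabled for SMTP. To enable it, run:"
    "  Enable-ExchangeCertificate -Thumbprint $tp -Services SMTP"
} else {
    "Certificate is present and enabled for SMTP."
}
```

The script only prints the suggested command; run Enable-ExchangeCertificate yourself after confirming the listed subject and thumbprint are the ones you expect.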

For More Information

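If you haven't already done so, consider running the Exchange tools, which have been created to help you analyze and troubleshoot your Exchange environment. These tools can help make sure that your configuration is aligned with Microsoft best practices. They can also help you identify and resolve performance problems and improve mail flow. To run these tools, go to the Toolbox node of the Exchange Management Console. To learn more about these tools, see Managing Tools in the Toolbox.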