Video: Exchange 2013 – Removing the Default Self-Signed Certificate Problem

by admin


Free Video :Exchange 2013 – Common Errors and Mistakes

After removing the default self-signed certificate from a multi-role server:

  • Exchange Management Shell fails with: “The WinRM Shell client cannot process the request”
  • Exchange Admin Center presents the authentication page and then fails to open the EAC page

[floated align=”left”]Exchange 2013[/floated] comes out of the box with a self-signed certificate, assigned to the Default and Back End Web sites. The recommended practice is to replace it with a trusted Multiple Domain certificate (UCC), and we demonstrate this in [tip label=”Part 2” style=”1″ href=”″]Screencast: How to Upgrade Exchange 2007 to 2013 P2 [/tip] of our Exchange 2007 to 2013 upgrade Screencast.

Once you install the new certificate and assign the Exchange services to it, you have to decide what to do with the self-signed certificate which you have just replaced (usually in Exchange Admin Center).

As you will see in this video, deleting the Exchange 2013 self-signed certificate on a multi-role server will get you in trouble. The problem is specific to servers hosting the Mailbox and CAS roles and results in a failure to open Exchange Management Shell (EMS) or Exchange Admin Center (EAC). The fastest way to resolve this issue is to assign a certificate to the Back End website in IIS manager.

You may also like

NetoMeter Blog

  • Video Updates
  • Upcoming Videos
  • Community Chatrooms
  • Community Forum

Useful Links

Edtior's Picks

Latest Articles