Mail not routing to on-premise Exchange 2013 environment from O365 with 450 4.7.320 Certificate validation failed error

Issue: User is trying to send email from his O365 Tenant in to the OnPrem Exchange 2013 environment. The email fails with the following reason (as seen in the message tracking logs in O365: Reason: [{LED=450 4.7.320 Certificate validation failed};{MSG=SubjectMismatch};{FQDN=hybrid.domain.com};{IP=###.###.###.###};{LRT=4/14/2017 1:07:17 PM}]. OutboundProxyTargetIP: ###.###.###.###. OutboundProxyTargetHostName: hybrid.domain.com Cause: We found that the certificate it was trying…

2

1007 AccessDenied: Access Denied when trying to renew Federation Certificate

The 1007 AccessDenied event is usually tied to a time skew issue and that should always be confirmed before proceeding, however, that is also the error you will get when you try to renew a federation certificate in Exchange, when the old certificate has already exceeded the expiration date. Scenario I am trying to replace…

0