How to renew the Exchange Edge Server SMTP certificate

Although it's not a mandatory role, the Exchange Edge server is one of the best SMTP relays and security servers available. It can be the entrance point of your organization, while also filtering and securing the messages that flow inside.

The Exchange Edge server needs a certificate assigned to the SMTP service. It is used for secure connections with outside servers and for authentication with the internal Hub Transport server, if there's an Edge subscription in place.

If you're using the self-signed certificate and it's approaching its expiration date, now is probably the time to renew it. To do that, follow these steps:

  1. Open the Exchange Management Shell and run the following cmdlet: Get-ExchangeCertificate.
  2. Copy the thumbprint of the expiring certificate and then run this command: Get-ExchangeCertificate -Thumbprint <old-thumbprint> | New-ExchangeCertificate.
  3. Run Get-ExchangeCertificate again and copy the new thumbprint.
  4. Enable the new certificate for SMTP: Enable-ExchangeCertificate -Thumbprint <new-thumbprint> -Services:"SMTP".
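
The certificate steps above as a single Exchange Management Shell script, added here as an example and not part of the original article. The 30-day threshold and the variable names are assumptions; run it on the Edge server.

```powershell
# Added example (not from the original article). Run in the Exchange
# Management Shell on the Edge server. $warnDays is an assumed threshold.
$warnDays = 30
$cutoff   = (Get-Date).AddDays($warnDays)

# 1. Find self-signed certificates bound to SMTP that expire before the cutoff.
$expiring = @(Get-ExchangeCertificate | Where-Object {
    $_.IsSelfSigned -and ($_.Services -match 'SMTP') -and ($_.NotAfter -lt $cutoff)
})

if ($expiring.Count -eq 0) {
    Write-Host "No self-signed SMTP certificate expires within $warnDays days."
}

foreach ($old in $expiring) {
    Write-Host "Renewing $($old.Thumbprint) (expires $($old.NotAfter))"

    # 2. Clone the old certificate's settings into a new self-signed certificate.
    $new = Get-ExchangeCertificate -Thumbprint $old.Thumbprint | New-ExchangeCertificate

    # 3. Bind the new certificate to SMTP. The cmdlets may prompt for
    #    confirmation before replacing the current default SMTP certificate.
    Enable-ExchangeCertificate -Thumbprint $new.Thumbprint -Services SMTP

    # 4. Confirm the binding and the new validity period before rebuilding
    #    the Edge subscription.
    Get-ExchangeCertificate -Thumbprint $new.Thumbprint |
        Format-List Thumbprint, Subject, Services, NotBefore, NotAfter
}
```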

We now need to rebuild the Edge subscription:

  1. On the Edge server run: New-EdgeSubscription -FileName "C:\EdgeSubscription.xml".
  2. Copy the EdgeSubscription.xml file to the internal Hub Transport server.
  3. On the Hub Transport server, remove the existing subscription by using the Exchange Management Console (Organization > Hub Transport) or by running the cmdlets Get-EdgeSubscription and then Remove-EdgeSubscription.
  4. Create the new Edge subscription by using the EMC or by using PowerShell: New-EdgeSubscription -FileName "C:\EdgeSubscription.xml".

2 thoughts on “How to renew the Exchange Edge Server SMTP certificate”

  1. If you remove the Edge subscription from the Hub Transport you will lose all messages in the queues on the Edge servers. You shouldn’t remove it; you must just update…

  2. It’s pretty clear that the person that wrote this article has not actually run these commands on real Edge/Hub Transports or they’d have seen the errors generated.
