Exchange Shell Certificate Error

The other day, a colleague of mine experienced an issue when updating the certificate for one of his Exchange servers. After using the EAC to update the certificate, the Exchange Management Shell would not start and give the following error:

New-PSSession : [] Connecting to remote server failed with the following error message : [ClientAccessServer=server,,RequestId=357032aa-2312-477e-be88-8d99 db9027c5,TimeStamp=07/12/2016 23:10:21] [FailureCategory=Cafe-SendFailure]  For more information, see the about_Remote_Troubleshooting Help topic.


In the System event log we would find the following:

Log Name:      System
Source:        Microsoft-Windows-HttpEvent
Date:          6/18/2016 4:45:40 PM
Event ID:      15021
Level:         Error
Description: An error occurred while using SSL configuration for endpoint  The error status code is contained within the returned data.


Because this was a passive server of a DAG, no users were connecting to it so they were not impacted. However, we were not able to access OWA/EAC directly on this server.

The problem turned out to be in IIS and the fact that the new certificate was not binding to the Exchange Back End site. To fix it, open ISS, expand the server name, expand Sites, right-click on Exchange Back End and select Edit Bindings. In the new window, select https and then click Edit…:



As you can see, no SSL certificate was selected:



To fix it, simply select the new certificate from the SSL certificate drop-down box and click OK.


About The Author

7 thoughts on “Exchange Shell Certificate Error”

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top