Symptoms
After you install and upgrade to Microsoft Exchange Server 2016 Cumulative Update 8 (CU8), you can't access Outlook Web App (OWA) or Exchange Control Panel (ECP), and you receive the following error message:
:-( Something went wrong
We can't get that information right now. Please try again later. X-ClientId: ClientID X-FEServer: ServerNameIn addition, the following events information is recorded in the Application log of the Exchange server that hosts the mailbox database:
Log Name: Application
Source: MSExchange OAuth Event ID: 2004 Task Category: Configuration Level: Warning Keywords: Classic User: N/A Computer: mail.contoso.com Description: Unable to find the certificate with thumbprint CertificateValue in the current computer or the certificate is missing private key. The certificate is needed to sign the outgoing token.Note There is a similar issue, see You can't access OWA or ECP after you install Exchange Server 2016 CU6.
Cause
This issue occurs if the Exchange Server Auth certificate that's used for OAuth signing is missing from the Exchange Server. You can run the following command to check whether the certificate is missing:
Get-ExchangeCertificate (Get-AuthConfig).CurrentCertificateThumbprintResolution
For Exchange Server 2016, install Cumulative Update 9 or a later cumulative update for Exchange Server 2016.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
Learn about the terminology that Microsoft uses to describe software updates.