Symptoms

After you install and upgrade to Microsoft Exchange Server 2016 Cumulative Update 8 (CU8), you can't access Outlook Web App (OWA) or Exchange Control Panel (ECP), and you receive the following error message:

:-( Something went wrong
We can't get that information right now. Please try again later.
X-ClientId: ClientID
X-FEServer: ServerName

In addition, the following events information is recorded in the Application log of the Exchange server that hosts the mailbox database:

Log Name: Application
Source: MSExchange OAuth
Event ID: 2004
Task Category: Configuration
Level: Warning
Keywords: Classic
User: N/A
Computer: mail.contoso.com
Description:
Unable to find the certificate with thumbprint CertificateValue in the current computer or the certificate is missing private key. The certificate is needed to sign the outgoing token.

Note There is a similar issue, see You can't access OWA or ECP after you install Exchange Server 2016 CU6.

Cause

This issue occurs if the Exchange Server Auth certificate that's used for OAuth signing is missing from the Exchange Server. You can run the following command to check whether the certificate is missing:
Get-ExchangeCertificate (Get-AuthConfig).CurrentCertificateThumbprint

Resolution

For Exchange Server 2016, install Cumulative Update 9 or a later cumulative update for Exchange Server 2016.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×