You are currently offline, waiting for your internet to reconnect

Missing certificate on the last page of the Hybrid Configuration Wizard

Note The Hybrid Configuration wizard that's included in the Exchange Management Console in Microsoft Exchange Server 2010 is no longer supported. Therefore, you should no longer use the old Hybrid Configuration wizard. Instead, use the Office 365 Hybrid Configuration wizard that's available at http://aka.ms/HybridWizard. For more information, see Office 365 Hybrid Configuration wizard for Exchange 2010.
PROBLEM
You run the Hybrid Configuration Wizard to set up a hybrid deployment of on-premises Microsoft Exchange Server and Exchange Online in Office 365. However, when you get to the last page of the wizard, you discover that a certificate is missing.
CAUSE
This issue occurs if the root certification authority (CA) wasn't imported successfully. Therefore, it isn't verified as a public, third-party root CA, and the Exchange certificate wasn't configured correctly for an Exchange 2010 hybrid deployment.
SOLUTION
To resolve this issue, check the value of the RootCAType property. To do this, use the Exchange Management Shell on the hybrid server to run the following command:
Get-ExchangeCertificate | FL
The RootCAType property identifies the kind of CA that issued the certificate. It should return a value of ThirdParty.

If it instead returns a value of either Registry or None, reimport the certificate on the hybrid server, and then configure the certificate for an Exchange hybrid deployment. For more information about how to do this, go to the following Microsoft website:
MORE INFORMATION
The RootCAType property can have any of the following values:
  • Registry: An internal, private PKI root CA that has been manually installed in the certificate store
  • ThirdParty: A public, third-party root CA
If the property's value is Registry, the certificate is not listed when you run the Hybrid Configuration Wizard.

In the case of a private CA, the Hybrid Configuration Wizard can’t be completed successfully. Self-signed certificates can’t be used for Exchange services in a hybrid deployment. You have to install and assign Exchange services to a valid digital certificate that is purchased from a trusted CA.

Still need help? Go to the Office 365 Community website or the Exchange TechNet Forums.
Properties

Article ID: 2879262 - Last Review: 04/25/2016 11:21:00 - Revision: 6.0

Microsoft Exchange Online

  • o365 o365a o365e o365m o365022013 hybrid KB2879262
Feedback
/script>