You are currently offline, waiting for your internet to reconnect

"RequiredTls flag should be set to true if TlsCertificateName is specified" error when you run the Hybrid Configuration wizard

Note The Hybrid Configuration wizard that's included in the Exchange Management Console in Microsoft Exchange Server 2010 is no longer supported. Therefore, you should no longer use the old Hybrid Configuration wizard. Instead, use the Office 365 Hybrid Configuration wizard that's available at http://aka.ms/HybridWizard. For more information, see Office 365 Hybrid Configuration wizard for Exchange 2010.
PROBLEM
When you run the Hybrid Configuration wizard, you receive the following error message:
Execution of the Set-HybridMailflow cmdlet had thrown an exception. This may indicate invalid parameters in your Hybrid Configuration settings.

RequiredTls flag should be set to true if TlsCertificateName is specified.

at Microsoft.Exchange.Management.Hybrid.RemotePowershellSession.RunCommand(String cmdlet Dictionary`2 parameters Boolean ignoreNotFoundErrors)
CAUSE
The problem can occur if the send connector or receive connector has a Transport Layer Security (TLS) name that's not in the certificate. This can happen if the certificate changed and caused mismatched names for the connector.
SOLUTION
Rerun the Hybrid Configuration wizard. When you're prompted to specify the fully qualified domain name (FQDN) of the on-premises server that is running Microsoft Exchange Server, make sure that the name that you enter is on a certificate that's bound to the Simple Mail Transfer Protocol (SMTP) service.
MORE INFORMATION
To determine which certificate and domain name can be used, follow these steps:
  1. Open Exchange Management Shell on the on-premises Exchange server, and then run the following command:
    Get-ExchangeCertificate |fl Services,CertificateDomains,thumbprint,IsSelfSigned
  2. Look for certificates in which the Services value is SMTP.
  3. Look for certificates in which the IsSelfSigned parameter is set to False.
  4. Examine the CertificateDomains values that remain, and then look for the domain name that you configured for external DNS.
Still need help? Go to the Office 365 Community website or the Exchange TechNet Forums.
Properties

Article ID: 3062283 - Last Review: 04/26/2016 14:40:00 - Revision: 3.0

Microsoft Exchange Online, Microsoft Exchange Server 2013 Enterprise, Microsoft Exchange Server 2013 Standard, Microsoft Exchange Server 2010 Enterprise, Microsoft Exchange Server 2010 Standard

  • o365e o365m o365p o365022013 o365 o365a hybrid KB3062283
Feedback