IIS6 SMTP virtual server cant find certificate. RRS feed

  • Question

  • User947837910 posted

    I am trying to enable TLS email encryption on an SMTP virtual server through the IIS6 manager. It states "TLS is not available without a certificate" under Properties > Access > Secure communication .

    I have three other servers using the same certificate and they find it no problem, stating "A TLS certificate is found with the expiration date: 21/09/2021" instead of the above message.

    I have checked the personal certificates store and it contains a valid certificate with private key that matches the FQDN of the SMTP server:

    FQDN = foo-staging.ad.foo.com

    Certificate issued to = *.foo.com

    I have also uninstalled and reinstalled the windows features SMTP server and Web Server (IIS) and reimported the certificate but none of this helped.

    Is there any way to find out why the SMTP server cant find the certificate or to manually select the certificate instead?

    Wednesday, September 30, 2020 10:17 AM

All replies

  • User-848649084 posted


    If you would like to generate the certificate on your Windows Server, you need to install the Active Directory Certificate Services via adding the roles.

    1)Setting Up an Enterprise Root CA

    2)Installing the Online Responder

    3)Configuring the CA to Issue OCSP Response Signing Certificates

    4)Creating a Revocation Configuration

    5)Verifying that the AD CS Lab Setup Functions Properly

    you could refer below link for more detailed steps:

    Active Directory Certificate Services Step-by-Step Guide

    Securing SMTP Virtual Servers



    Thursday, October 1, 2020 2:35 AM
  • User947837910 posted

    I already have the certificate I need to use. The issue is that the SMTP virtual server isn't finding it.

    The other 3 servers I mentioned work fine with the cert, so I am looking for a way to find out more information about why this particular server fails to find it.

    I should have mentioned that the server has Windows Server 2016 Standard installed, so I don't think either of those links apply.

    Thursday, October 1, 2020 8:08 AM
  • User-848649084 posted

    under which account your SMTP server is running? try to install your certificate under the trusted root certificate store.

    Wednesday, October 14, 2020 8:27 AM
  • User947837910 posted

    The certificate is installed in the correct location.

    I managed to solve this issue by deleting the site in IIS7, the certificate then appeared in IIS6 and I then remade the site. 

    Wednesday, October 14, 2020 8:29 AM
  • User-848649084 posted

    i am glad that your issue is resolved. If your issue is solved then I request you to mark the helpful suggestion as an answer. This will help other people who face the same issue.

    Thanks for your understanding.

    Wednesday, October 14, 2020 8:31 AM