Sunday, September 05, 2010

MSExchangeUM 1038

I was getting a strange MSExchangeUM 1038 error when trying to start MSExchangUM after enabling the UM startup mode to Dual Mode. The error in the event log was: No certificate was found.

Per this technet article, Exchange should automatically retrieve the right certificate - it will even create self-signed certificates if none exist:

But this was not happening for me. Maybe the article is missing a step, but in order to be able to use the certificate, I had to assign the certificate UM capabilities using the command:
Enable-exchangecertificate -tumbprint -services UM

- To get the thumbprint of the cert you need to enable use the command get-exchangecertificate

After this, I was able to start the MSExchangeUM service.

Note: In order for this work with OCS, a cert from a CA trusted by the OCS server(s) and Exchange must be used or the self-signed cert must be installed on the OCS server.