Update of Exchange has been on the mandatory now due to all the security challenges. The process of upgrade is itself a challenge as it required precision. Over this blog I am sharing one of my experience while upgrading Exchange Server 2013 CU 23. When I was upgrading my Exchange CU22 to CU 23, I got an error while installing Client Access Role: Front End Transport Service saying; ‘CryptographicException: The Certificate is Expired.’
When I receive this error, it clearly states that I do have an issue with Certificate. And now if I try to check the certificate of Exchange, it throws me an error while getting login to ECP. So, I am at middle stucked with no visibility on which certificate cause me this issue.
Not to worry. Fortunately, we do have something call IIS where we can check the certificate assigned to our Exchange server. So, what I did was… went to IIS manager à Default web site à Bindings and selected the HTTPS for all unassigned IP. Validated the assigned certificate, which was expired. Hence changed the certificate with new one and restarted the IIS.
Once this process was completed, I re-initiated the upgrade of CU23… and voila…. It is done without any error. Hope this will help you in future for upgradation of exchange server.