Exchange 2016 Troubleshooting: Event ID 2005 - Microsoft Exchange Server Auth Certificate

A client wanted to deploy an add-in from OWA and the Exchange Admin Center, but it just wouldn't give me the option to download, and when trying from OWA you just get a blank page.

Upon further investigation, we checked the event logs and were presented with Event ID 2005:

https://www.collaborationpro.com/wp-content/uploads/2019/11/image-14.png

There is our problem. It is actually not difficult to fix; there are a few commands that need to be run.

Firstly, you need to create a new certificate with New-ExchangeCertificate, which you can do by running this command:

  • New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -DomainName "domainname"

https://www.collaborationpro.com/wp-content/uploads/2019/11/image-15.png

Next we need to use the certificate thumbprint returned by the previous command to run the next one:

  • Set-AuthConfig -NewCertificateThumbprint <ThumbPrint> -NewCertificateEffectiveDate (Get-Date)

https://www.collaborationpro.com/wp-content/uploads/2019/11/image-16.png

Now we need to run the third command, which publishes the certificate:

  • Set-AuthConfig -PublishCertificate

https://www.collaborationpro.com/wp-content/uploads/2019/11/image-17.png

Now for the final command to remove the previous certificate:

  • Set-AuthConfig -ClearPreviousCertificate

https://www.collaborationpro.com/wp-content/uploads/2019/11/image-18.png

You can either recycle the app pools for ECP and OWA or do an IISReset.

Event ID 2005 should then no longer appear in the event logs.
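
To confirm the result of the steps above, the following read-only check can be run in the Exchange Management Shell before and after the change. It is an added example, not part of the original post; the function name Test-AuthCertificate and the 30-day warning threshold are assumptions made for illustration.

```powershell
# Added example: read-only check of the auth certificate that Set-AuthConfig manages.
# Run in the Exchange Management Shell on the affected server. Nothing is modified.
function Test-AuthCertificate {
    param(
        [int]$WarnDays = 30   # assumed threshold; adjust to your renewal policy
    )

    $auth  = Get-AuthConfig
    $thumb = $auth.CurrentCertificateThumbprint

    $result = [pscustomobject]@{
        CurrentThumbprint  = $thumb
        PreviousThumbprint = $auth.PreviousCertificateThumbprint  # empty after -ClearPreviousCertificate
        FoundOnServer      = $false
        NotAfter           = $null
        DaysLeft           = $null
        Status             = 'Unknown'
    }

    if ([string]::IsNullOrEmpty($thumb)) {
        $result.Status = 'No auth certificate configured'
        return $result
    }

    # The thumbprint in the auth configuration must match a certificate on this server.
    $cert = Get-ExchangeCertificate -Thumbprint $thumb -ErrorAction SilentlyContinue
    if (-not $cert) {
        $result.Status = 'Configured thumbprint not present on this server'
        return $result
    }

    $result.FoundOnServer = $true
    $result.NotAfter      = $cert.NotAfter
    $result.DaysLeft      = [math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)

    if ($result.DaysLeft -lt 0) {
        $result.Status = 'Expired'
    } elseif ($result.DaysLeft -lt $WarnDays) {
        $result.Status = 'Expiring soon'
    } else {
        $result.Status = 'OK'
    }
    return $result
}

Test-AuthCertificate | Format-List

# Optional, instead of a full IISReset (default Exchange app pool names):
# Import-Module WebAdministration
# Restart-WebAppPool MSExchangeOWAAppPool
# Restart-WebAppPool MSExchangeECPAppPool
```

After the rotation, Status should read OK, CurrentThumbprint should match the thumbprint of the new certificate, and PreviousThumbprint should be empty.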