MS Exchange Server 2016 install error message

February 17, 2018

Hi Guys,

I'm trying to install MS Exchange Server 2016 on Server 2016 and keep getting the below error message on step 9 - Mailbox Role - Client Access Service;

Quote

Error:
The following error was generated when "$error.Clear();
Install-ExchangeCertificate -WebSiteName "Exchange Back End" -services "IIS, POP, IMAP" -DomainController $RoleDomainController -InstallInTrustedRootCAIfSelfSigned $true
if ($RoleIsDatacenter -ne $true -And $RoleIsPartnerHosted -ne $true)
{
Install-AuthCertificate -DomainController $RoleDomainController
}
" was run: "Microsoft.Exchange.Management.SystemConfigurationTasks.AddAccessRuleCryptographicException: Could not grant Network Service access to the certificate with thumbprint 568C333312B617AB72450E4E1393C83175ABF45A because a cryptographic exception was thrown. ---> System.Security.Cryptography.CryptographicException: Access is denied.

at Microsoft.Exchange.Security.Cryptography.X509Certificates.TlsCertificateInfo.CAPIAddAccessRule(X509Certificate2 certificate, AccessRule rule)
at Microsoft.Exchange.Security.Cryptography.X509Certificates.TlsCertificateInfo.AddAccessRule(X509Certificate2 certificate, AccessRule rule)
at Microsoft.Exchange.Management.SystemConfigurationTasks.ManageExchangeCertificate.EnableForServices(X509Certificate2 cert, AllowedServices services, String websiteName, Boolean requireSsl, ITopologyConfigurationSession dataSession, Server server, List`1 warningList, Boolean allowConfirmation, Boolean forceNetworkService)
--- End of inner exception stack trace ---
at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)
at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCertificate.EnableForServices(X509Certificate2 cert, AllowedServices services)
at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCertificate.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__91_1()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".

Does anyone know how to resolve this error message please?

Cheers,

Wongle.

11,094 · February 17, 2018

It looks like it is failing with the self signed cert.

you could try uninstalling everything including iis, reboot, then try elevating the install.

Make sure you update windows server fully prior to insalling exchange.

Also exchange should be on its own server. Do not share with other installs, no AD server, no sql, etc...completely standalone.

1,674 · February 17, 2018

looks to be a similar problem as below in 2013 server

https://blogs.technet.microsoft.com/robwhaley/?p=33

I think the certificate finger print does not match or needs fixing.

Sign In

MS Exchange Server 2016 install error message

Recommended Posts

wongle

Link to comment

Share on other sites

sc302 Veteran

Link to comment

Share on other sites

TheReaperMan

Link to comment

Share on other sites

Recently Browsing 0 members

Similar Content

PSA: Support for Exchange Server 2013 is ending soon

Prosecutors split on whether to charge crypto's largest centralized exchange, Binance

Third-largest crypto exchange, Kraken, outlines plan to survive the crypto winter

BlockFi files for Chapter 11 bankruptcy due to financial links with FTX

FTX files for bankruptcy, Sam Bankman-Fried steps down as CEO 1 2

Company

Community

Social

Partners

Forums

News

Features

More

Themes