• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

MS Exchange Server 2016 install error message

Recommended Posts

wongle    1

Hi Guys,


I'm trying to install MS Exchange Server 2016 on Server 2016 and keep getting the below error message on step 9 - Mailbox Role - Client Access Service;



The following error was generated when "$error.Clear(); 
          Install-ExchangeCertificate -WebSiteName "Exchange Back End" -services "IIS, POP, IMAP" -DomainController $RoleDomainController -InstallInTrustedRootCAIfSelfSigned $true
          if ($RoleIsDatacenter -ne $true -And $RoleIsPartnerHosted -ne $true)
            Install-AuthCertificate -DomainController $RoleDomainController
        " was run: "Microsoft.Exchange.Management.SystemConfigurationTasks.AddAccessRuleCryptographicException: Could not grant Network Service access to the certificate with thumbprint 568C333312B617AB72450E4E1393C83175ABF45A because a cryptographic exception was thrown. ---> System.Security.Cryptography.CryptographicException: Access is denied.

   at Microsoft.Exchange.Security.Cryptography.X509Certificates.TlsCertificateInfo.CAPIAddAccessRule(X509Certificate2 certificate, AccessRule rule)
   at Microsoft.Exchange.Security.Cryptography.X509Certificates.TlsCertificateInfo.AddAccessRule(X509Certificate2 certificate, AccessRule rule)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.ManageExchangeCertificate.EnableForServices(X509Certificate2 cert, AllowedServices services, String websiteName, Boolean requireSsl, ITopologyConfigurationSession dataSession, Server server, List`1 warningList, Boolean allowConfirmation, Boolean forceNetworkService)
   --- End of inner exception stack trace ---
   at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)
   at Microsoft.Exchange.Configuration.Tasks.Task.WriteError(Exception exception, ErrorCategory category, Object target)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCertificate.EnableForServices(X509Certificate2 cert, AllowedServices services)
   at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCertificate.InternalProcessRecord()
   at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__91_1()
   at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".

Does anyone know how to resolve this error message please?




Share this post

Link to post
Share on other sites
sc302    1,527

It looks like it is failing with the self signed cert.  


you could try uninstalling everything including iis, reboot, then try elevating the install.  


Make sure you update windows server fully prior to insalling exchange.  


Also exchange should be on its own server. Do not share with other installs, no AD server, no sql, etc...completely standalone.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.