Unable to login to OWA – Encryption Certificate

I was recently working with a customer who had issues with logging into OWA. The users would get the following error:

Something went wrong

We can’t get that information right now. Please try again later.

X-FEServer: <servername>

Date: 8/3/2017 4:13:24 PM

In the event viewer under the application logs I found the following warnings:

Log Name: Application

Source: MSExchange OAuth

Date: 8/3/2017 11:13:08 AM

Event ID: 2004

Task Category: Configuration

Level: Warning

Keywords: Classic

User: N/A

Computer: <servername>


Unable to find the certificate with thumbprint EF6392A5E64713AD43598B7A0FF75080964FB096 in the current computer or the certificate is missing private key. The certificate is needed to sign the outgoing token.

To find the existing certificate for which the authentication configuration is looking you can run:

I found that the certificate returned wasn’t listed when I ran the command Get-ExchangeCertificate. I was required to create a new exchange certificate by running the following commands:

Now to set the AuthConfig to the newly created certificate we need to run the following:

Now when I check the AuthConfig you can see the update certificate:

Within minutes and without any service restarts managed availability had determined OWA to be healthy:


Mailbox Database Copy Failed

When working in HA environments it is possible for one of the mailbox database copies to be Failed and Suspended.

In this situation depending on what is wrong you can attempt to resume the copy or update the copy. The situation with Exchange 2010 I came across recently was giving the following error:

A source-side operation failed. Error An error occurred while performing the seed operation. Error: The process cannot access the file ‘CiPT0000.000’ because it is being used by another process..

I was required to:

· Stop the Search Service

· Deleted the Catalog Directory

· Start the Search Service

· From the Exchange Management Shell switch to the $Exscripts directory and run the following:


Truncated Results in Powershell

I was recently working with a receive connector that truncated the results of the remote IP ranges.

If you run the following command it will prevent truncation of results:

Now the same command returns the complete list.

This would be true for the results of anything in Powershell where the returned value has been truncated.