OWA Logon Error on Exchange 2016 and Windows 2012 R2

2018-01-30T16:15:16+00:00 January 30th, 2018|Exchange|

I had an issue recently on a customer exchange deployment when we installed EX2016 CU8 on Windows 2012 R2. The installation completed without errors and I can logon to ECP and manage the environment. I then came across an issue when trying to logon to OWA.
I was faced with the following error: X-OWA-Error Microsoft.Exchange.Diagnostics.ExAssertException
On starting to troubleshoot the issue I could see when running “Get-ExchangeCertificate” that the certificate””CN=Microsoft Exchange Server Auth Certificate” was missing

To fix the issue I had to create a new Auth Certificate:

• New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName “cn= Microsoft Exchange Server Auth Certificate” -DomainName “mail.domain.com” -FriendlyName “Microsoft Exchange Server Auth Certificate” -Services SMTP
• Take a note of the Exchange Certificate ThumbPrint: Get-ExchangeCertificate (Note the ThumbPrint for “CN=Microsoft Exchange Server Auth Certificate”)
• I then ran: $dt = Get-Date
• Set-AuthConfig -NewCertificateThumbprint [Thumbprint noted above here] –NewCertificateEffectiveDate $dt
• Set-AuthConfig –PublishCertificate
• Set-AuthConfig –ClearPreviousCertficate
• iisreset

• You should then notice the certificate as the AuthConfig: (Get-AuthConfig).CurrentCertificateThumbprint | Get-ExchangeCertificate

I could then logon to OWA