Windows Server

Exchange 2013/2016/2019 Error with OWA/ECP after Cumulative Update (CU)

November 27, 2021 by AJNI 1 Comment

After updating Exchange 2013/2016/2019 you might get an error when trying to open OWA or ECP. This happens because of an expired OAuth certificate.

Open Exchange Powershell and check if the certificate has expired:

Get-ExchangeCertificate (Get-AuthConfig).CurrentCertificateThumbprint

If the certificate has expired, create a new one (do not forget to change the domain name):

New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName “cn=Microsoft Exchange Server Auth Certificate” -FriendlyName “Microsoft Exchange Server Auth Certificate” -DomainName “ajni.it

Set the new certificate for OAuth:

Set-AuthConfig -NewCertificateThumbprint <ThumbprintFromStep1> -NewCertificateEffectiveDate (Get-Date)
Set-AuthConfig –PublishCertificate
Set-AuthConfig -ClearPreviousCertificate

Restart the Exchange IIS App Pools:

Restart-WebAppPool MSExchangeOWAAppPool
Restart-WebAppPool MSExchangeECPAppPool

If you still get the error in OWA/ECP, you either have to wait a couple of hours (some people have reported that they had to wait for up to 6 hours) or change the time zone of the Exchange server to UTC (Universal Coordinated Time).

References:

https://www.frankysweb.de/exchange-server-owa-und-eac-starten-nicht-nach-installation-der-juli-updates/

https://support.microsoft.com/en-us/topic/you-can-t-access-owa-or-ecp-after-you-install-exchange-server-2016-cu6-88b3fe67-5f97-a8a2-8ed8-70034ff15761

Reading time: 1 min

Like what you are reading? Buy me a coffee.

Tip Of the Day

Keep in touch

Oh hi there!
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

Categories

Archives