Mail flow from Office 365 to on-premises Exchange disrupted in an Office 365 hybrid setup after certificate renewal.

Update the Exchange certificate used for mail flow in HCW (Hybrid Configuration Wizard)



Recently we had to renew the certificates in our Exchange hybrid environment, which we did successfully. Once the old certificate expired, however, mail flow from Office 365 to Exchange was disrupted. When we investigated, we found that Office 365 was still seeing the old certificate.

To fix this issue we had to run the hybrid setup wizard again.

You can download the hybrid setup from "aka.ms/hybridwizard" and run it again. It can be run from any machine that can reach both Office 365 and Exchange, using a Global Admin account. This will not disrupt or change any other settings; you can just select the new certificate and finish the wizard.

Once the wizard is finished, restart the transport service on the hybrid servers.
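A post-wizard check, as an added example that is not part of the original post: it lists each on-premises reference to the mail-flow certificate and flags any that no valid, SMTP-enabled certificate on the server satisfies. It assumes the Exchange Management Shell on a hybrid server; the function names are hypothetical, and matching the stored reference by exact issuer/subject string is an assumption.

```powershell
# Added example. Run in the Exchange Management Shell on each hybrid server.
function Get-TlsCertificateName {
    param([Parameter(Mandatory)] $Certificate)
    # Exchange records connector certificates as "<I>issuer<S>subject"
    "<I>$($Certificate.Issuer)<S>$($Certificate.Subject)"
}

function Test-HybridTlsCertificate {
    param([datetime] $Now = (Get-Date))

    # Certificates installed on this server
    $certs = @(Get-ExchangeCertificate)

    # Every place that names the certificate used for hybrid mail flow
    $refs = @(
        [pscustomobject]@{ Source = 'HybridConfiguration'
                           Name   = [string](Get-HybridConfiguration).TlsCertificateName }
        Get-SendConnector | ForEach-Object {
            [pscustomobject]@{ Source = "Send: $($_.Name)"; Name = [string]$_.TlsCertificateName } }
        Get-ReceiveConnector -Server $env:COMPUTERNAME | ForEach-Object {
            [pscustomobject]@{ Source = "Receive: $($_.Name)"; Name = [string]$_.TlsCertificateName } }
    ) | Where-Object { $_.Name }

    foreach ($ref in $refs) {
        # A renewed certificate can share issuer and subject with the old one,
        # so inspect every match instead of stopping at the first.
        # Assumption: the stored reference equals the string built above.
        $match  = @($certs | Where-Object { (Get-TlsCertificateName $_) -eq $ref.Name })
        $usable = @($match | Where-Object {
            $_.NotAfter -gt $Now -and "$($_.Services)" -match 'SMTP' })
        [pscustomobject]@{
            Source      = $ref.Source
            Matching    = $match.Count
            Usable      = $usable.Count
            Thumbprints = ($usable.Thumbprint -join ', ')
            Status      = if ($usable.Count) { 'OK' }
                          else { 'STALE: no valid SMTP certificate matches' }
        }
    }
}

Test-HybridTlsCertificate | Format-Table -AutoSize
```

A STALE row means that reference still points at an issuer/subject pair for which the server holds no unexpired certificate with the SMTP service enabled.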

Run the HCW (Hybrid Configuration Wizard) with the "/DV" switch to skip the Exchange server version check

Microsoft's recommendation is to keep the hybrid servers updated with the latest CU, so if your hybrid servers are not updated to at least "n-2", the hybrid wizard will fail at the version check.

So in a situation like an Exchange certificate renewal, where you need to run the Hybrid Configuration Wizard in order to update the certificate in the HCW configuration, you can use the "/dv" switch to run the HCW.

Once downloaded, the Hybrid Configuration Wizard setup is saved in the following directory:
"C:\Users\<userfolder>\AppData\Local\Apps\2.0\WTYLKGNP.EP5\3XHGRPN9.XAK\micr..tion_1975b8453054a2b5_0010.0000_d91bc61f320c4ba6"

Directories there can have identical-looking names; the correct directory is the one that includes multiple files and folders.

Run the HCW by adding the "/dv" parameter to "Microsoft.Online.CSE.Hybrid.App.exe".

Use the command below if running in PowerShell:

"./Microsoft.Online.CSE.Hybrid.App.exe /dv"

This method skips the version check, and you should be able to run the HCW.
