hmmm, that sounds weird, yes.
What CU and Security updates have been applied?
Are you up to date?
If admin audit logging is enabled, search and see if you find anything:
Search-AdminAuditLog -Cmdlets New-ExchangeCertificate
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
In my ES2019 Exchange Admin Center, I am seeing cert requests which I never made.
There are about 20 of them in the last 3 months.
Does this mean I've been hacked? Anyone who had my admin password would surely have better things to do with it, than create requests, which no authority will honor since the hacker won't have access to the Domain Control Proof email for verification. Also, upon inspection, the requests are for domain "{example.org}". Obviously, anyone trying to break into my server would try to get a cert with my domain's name, and not a dummy name like "example.org".
The Certification authority-signed certificate details in the right Details Panel show what looks like to be HTML code from an ASP (!!!) Page.
I'd appreciate guidance on this.
hmmm, that sounds weird, yes.
What CU and Security updates have been applied?
Are you up to date?
If admin audit logging is enabled, search and see if you find anything:
Search-AdminAuditLog -Cmdlets New-ExchangeCertificate