AndreasxD-3741 asked AndreasxD-3741 answered

Windows Server 2019 SMTP Relay TLS Problem

Hello All,

I need help setting up a local SMTP Relay with internal TLS communication.

Windows Server 2019 and SMTP role is installed and configured.
Without TLS and anonymous access it will work, but we want to enable the TLS for internal communication.
I created a certificate from our internal PKI and imported it, but I get the information on the SMTP Virtual Server that 'TLS is not available without a certificate'.

In the event viewer I found this entry:
Information; smtpsvc; EventID 2001

Does anyone have an idea how I can fix that problem with TLS?

windows-server-iis

SamWu-MSFT answered

Hi @AndreasxD-3741

TLS is not available without a certificate in the Secure Connection Tab under the Access Tab. If you would like to generate the certificate on your Windows Server 2019, you need to install the Active Directory Certificate Services by adding the role. After installing ADCS, you will find that Secure Communication can be set.

For detailed information about ADCS, here is a link for your reference: Active Directory Certificate Services Step-by-Step Guide.


If the answer is helpful, please click "Accept Answer" and upvote it.


AndreasxD-3741 answered

Hi @SamWu-MSFT ,

Thank you very much for your reply.

We already have two servers with ADCS installed to enroll certificates for our local domain.
I did a certificate request and created the certificate for local SMTP.
I imported the certificate to the personal store.

Is it really needed for TLS that the ADCS role is installed on the server?
Could you please explain why this is needed?

