We run Exchange 2010 in a two-node DAG. There is a third-party hosted product that we have an IPsec VPN with, but they fail to send email as they do not trust the certificate being presented to them. On each node, there is a self-signed certificate each server has issued to itself (EXSRVR1/EXSRVR2). We have an internal CA and third-party trusted cert set to SMTP services, is there any issue disabling/removing the SMTP service from the self-issued certificates?
Looking at this TechNet link https://technet.microsoft.com/en-us/library/dd351257(v=exchg.141).aspx) I can set the assigned services to 'None'. However, I'm curious if there will be any issues from internal Outlook clients using the Root CA certificate for SMTP (since it is trusted across all domain joined devices). Here's a sanitized output of one of our CAS server's certificates: [cid:image001.png@01D2A794.20A2BC20] I appreciate any insight. Thank you. -Geoff Confidentiality Notice: This is a transmission from Montage Health. This message and any attached documents may be confidential and contain information protected by state and federal medical privacy statutes. They are intended only for the use of the addressee. If you are not the intended recipient, any disclosure, copying, or distribution of this information is strictly prohibited. If you received this transmission in error, please accept our apologies and notify the sender. Thank you.