dpaulson45
commented
12 months ago Would a valid way to test this out is manually create a bunch of certs with the same name?
Open MarcoLFrancisco opened 2 years ago
dpaulson45
commented
12 months ago Would a valid way to test this out is manually create a bunch of certs with the same name?
Provide Version Number Provide the version of the script that has the issue.
22.08.09.0638
Describe the issue
Cloud Mail Send Connector TlsCertificateName can present multiple certificates if the certificate is renewed without deleting the old certificate (quite common). Possible solution would be to present only the most recent certificate who's name matches the TlsCertificateName value.
Note - Send connector references certificate by name and not thumbprint. If several certificates with same name exists Exchange uses the one that has the longest lifetime.
Expected behavior
Present only the most recent certificate whose name matches the TlsCertificateName value.
Script Output
Additional context
Can lead to confusion if the send connector is seen to have an invalid certificate at the same time as it has a valid certificate. As far as I understand there are no issues from having an expired certificate if a new one exists, and it was properly renewed. But I have seen issues for having two much expired certificates in total.