When assigning SSL certificates to the Exchange UM services (Microsoft Exchange Unified Messaging and Unified Messaging call router), an error message appears if the corresponding settings are not made beforehand.
The following error message is displayed if an attempt is made to bind a certificate to the UM services without changing the start mode:
A special RPC error has occurred on server FWEX1: The certificate with the fingerprint '89563B4B0BAE9F9747DC9A33BE63E55FD2723405' cannot be enabled for Microsoft Exchange Unified Messaging because it is currently only set to run in TCP mode. Change the mode to 'TLS' or 'Dual' and run this cmdlet again.
The following commands change the start mode of the services accordingly so that SSL certificates can be bound to the services:
Get-UMService | Set-UMService -UMStartupMode Dual Set-UMCallRouterSettings -Server FWEX1 -UMStartupMode DUAL Set-UMCallRouterSettings -Server FWEX2 -UMStartupMode DUAL
As soon as the commands have been executed, the certificate can be assigned to the UM services; once this has been done, the two services must be restarted on the servers.
Note: It is not absolutely necessary to configure SSL certificates for the Unified Messaging services. If you do not want to use certificates for the UM services, you can leave the configuration as default and simply omit the UM services when assigning a new certificate.
This article also applies to Exchange 2016.
Hallo und wie kann ich diese zuordnung wieder rückgenigmachen? Gruss