Kind of late notification about an important change taking place on July 5th, the certificates used by the Microsoft Federation Gateway are going to be replaced.
If you are using Exchange 2013 SP1 or later, this change should not affect you as this part of the regular tasks executed by Exchange. However if you are running Exchange 2013 on Windows Server 2008, this automatic change is not working.
You will have to do either of the following:
- Using Exchange PowerShell module run the below command to refresh the Federation Trust
Get-Federationtrust | Set-FederationTrust –RefreshMetadata
- or create a schedule task as defined below
For Exchange 2010
Schtasks /create /sc Daily /tn FedRefresh /tr “C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -version 2.0 -command Add-PSSnapIn Microsoft.Exchange.Management.PowerShell.E2010;$fedTrust = Get-FederationTrust;Set-FederationTrust -Identity $fedTrust.Name -RefreshMetadata” /ru System
For Exchange 2013
Schtasks /create /sc Daily /tn FedRefresh /tr “C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -version 2.0 -command Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn;$fedTrust = Get-FederationTrust;Set-FederationTrust -Identity $fedTrust.Name -RefreshMetadata” /ru System