My recieve connector doesn't match the SAN names on the cert but GoDaddy will not allow you to add .local SAN names. I tried to change the FQDN to match the one on the cert but it's not a FQDN so it will not allow it. Any ideas for a workaround?
MSExchange Transport
Event ID: 12014
Microsoft Exchange could not find a certificate that contains the domain name EXCHANGE.nixonandco.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Intra-Organization SMTP Send Connector with a FQDN parameter of EXCHANGE.nixonandco.local. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key.
[PS] C:\Windows\system32>Get-ExchangeCertificate |fl *
PSComputerName : exchange.nixonandco.local
RunspaceId : 7a7e06d3-994f-4918-b430-a5f78156c85a
AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcces
sRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {webmail.nixonandco.com, www.webmail.nixonandco.com, autodiscover.exedesearch.com, autodiscover.
nixonandco.com, legacy.exedesearch.com, legacy.nixonandco.com, mail.nixonandco.com}
CertificateRequest :
IisServices : {IIS://Exchange/W3SVC/1}
IsSelfSigned : False
KeyIdentifier : 026C3CA20D0A4D28458D010C308EAE2EB68AC1EE
RootCAType : ThirdParty
Services : IMAP, POP, IIS, SMTP
Status : Valid
SubjectKeyIdentifier : 026C3CA20D0A4D28458D010C308EAE2EB68AC1EE
PrivateKeyExportable : True
PublicKeySize : 2048
ServicesStringForm : IP.WS.
Archived : False
Extensions : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptograph
y.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Crypt
ography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security
.Cryptography.Oid}
FriendlyName : webmail.nixonandco.com
IssuerName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
NotAfter : 3/11/2016 4:00:36 PM
NotBefore : 3/11/2014 5:00:36 PM
HasPrivateKey : True
PrivateKey : System.Security.Cryptography.RSACryptoServiceProvider
PublicKey : System.Security.Cryptography.X509Certificates.PublicKey
RawData : {48, 130, 5, 229, 48, 130, 4, 205, 160, 3, 2, 1, 2, 2, 7, 4...}
SerialNumber : 041716341F0AC0
SubjectName : System.Security.Cryptography.X509Certificates.X500DistinguishedName
SignatureAlgorithm : System.Security.Cryptography.Oid
Thumbprint : 029793301C0B83860682EDA21D93854912960C08
Version : 3
Handle : 483266304
Issuer : SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godadd
y.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Subject : CN=webmail.nixonandco.com, OU=Domain Control Validated
[PS] C:\Windows\system32>Get-SendConnector | fl name, fqdn
Name : SMTP
Fqdn : webmail.nixonandco.com
[PS] C:\Windows\system32>Get-ReceiveConnector | fl name, fqdn, objectClass
Name : Default EXCHANGE
Fqdn : Exchange.nixonandco.local
ObjectClass : {top, msExchSmtpReceiveConnector}
Name : Client EXCHANGE
Fqdn : Exchange.nixonandco.local
ObjectClass : {top, msExchSmtpReceiveConnector}
[PS] C:\Windows\system32>Get-SendConnector | fl name, fqdn, objectClass
Name : SMTP
Fqdn : webmail.nixonandco.com
ObjectClass : {top, msExchConnector, mailGateway, msExchRoutingSMTPConnector}