Hello,
I am trying to use FIMto provision Distribution groups, but whenever I try to export new groups (created with FIM Portal), I get the following error:
There is an error in Exch2010Extension BeginExportToCd() function.Type: System.Management.Automation.Remoting.PSRemotingTransportException
Message: Connecting to remote server failed with the following error message : The server certificate on the destination computer (myExchangeServer:443) has the following errors:
The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable. For more information, see the about_Remote_Troubleshooting Help topic.
Stack Trace: at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at System.Management.Automation.Runspaces.RunspacePool.Open()
at System.Management.Automation.RemoteRunspace.Open()
at Exch2010Extension.Exch2010ExtensionClass.OpenConnection(String uri, PSCredential credential)
at Exch2010Extension.Exch2010ExtensionClass.BeginExportToCd(String connectTo, String domain, String server, String user, String password)
The certificate is valid (has 9 months left), and has been issued by a valid CA, but the CRL info on the Certificate is in LDAP Format, and apparently, the revocation list cannot be retrieved from the server (Server cannot be found).
I know I can bypass this problem when connecting to Exchange 2010 using PowerShell by including the following option:
-SessionOption (New-PSSessionOption -SkipRevocationCheck)
I have even added the host "myExchangeServer" to the WinRM trustedHosts configuration, but it did not work.
Is there any way to bypass the CertificateRevocationList checking with FIM for its Powershell Exchange Connection?