One of our clients had Logic Monitor kick off the following ticket:
Eventsource: Windows Exchange EventsWindows
Event ID: 25
Message: The Exchange certificate [Subject] CN=11f90176-4bca-4cec-90fa-2a7bdc7b5181
DC=88467e97-b67a-4906-983f-c201d2100bc8
[Issuer] CN=MS-Organization-P2P-Access [2021]
[Serial Number] 128616464061E8F328FAE2380BB88E82
[Not Before] 7/1/2022 5:46:40 PM
[Not After] 7/2/2022 5:51:40 PM
[Thumbprint] 8E1AA568E95C7BAE26E1BCEB8728E2D43D54DD21 will expire very soon on 7/2/2022 5:51:40 PM.
The certificate in question looks like:
A MS-Organization-P2P-Access certificate is:
It only has a one-day lifetime because the MS-Organization-P2P-Access certificate is not generally needed for longer. You will notice that it starts appearing in Windows logs after AD FS Device Registration has been enabled.
These MS-Organization-P2P-Access certificates are NOT automatically renewed when they expire; they are automatically replaced only when they are needed again.
You can safely ignore them and the fact that they are expiring.
Look in Local Computer\AAD Token Issuer\Certificates and you will see that your own on-premises computer issues the MS-Organization-P2P-Access certificates.
The certs are issued to both the user and the computer so they are present in both:
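As an added example (not part of the original post), the PowerShell below lists certificates that are expired or expiring within a window across the Local Computer and Current User stores and flags those issued by MS-Organization-P2P-Access, so expiry alerting can skip them and still catch certificates that need renewal. The function name, the `-Days` parameter and the issuer regex are assumptions made for this example.

```powershell
# Added example; Get-ExpiringCertificate and its parameters are hypothetical names.
function Get-ExpiringCertificate {
    [CmdletBinding()]
    param(
        [int]$Days = 30,
        # Assumption: issuer CN as it appears in the ticket; the bracketed year may differ.
        [string]$P2PIssuerPattern = '^CN=MS-Organization-P2P-Access\b'
    )

    $cutoff = (Get-Date).AddDays($Days)

    # Walk every store under both locations; -Recurse also returns store
    # containers, so keep only actual certificate objects.
    Get-ChildItem -Path Cert:\LocalMachine, Cert:\CurrentUser -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        Where-Object { $_.NotAfter -le $cutoff } |
        ForEach-Object {
            [pscustomobject]@{
                # Strip the provider prefix, leaving e.g. "LocalMachine\My"
                Store       = $_.PSParentPath -replace '^.*::', ''
                Subject     = $_.Subject
                Issuer      = $_.Issuer
                NotAfter    = $_.NotAfter
                LifetimeHrs = [math]::Round(($_.NotAfter - $_.NotBefore).TotalHours, 1)
                Thumbprint  = $_.Thumbprint
                IsP2PAccess = $_.Issuer -match $P2PIssuerPattern
            }
        }
}

$expiring = @(Get-ExpiringCertificate -Days 30)

# Certificates that still need a renewal decision (everything except P2P access certs).
$expiring | Where-Object { -not $_.IsP2PAccess } |
    Sort-Object NotAfter |
    Format-Table Store, Subject, NotAfter, Thumbprint -AutoSize

# P2P access certs, counted per store, to confirm they appear for both user and computer.
$expiring | Where-Object { $_.IsP2PAccess } |
    Group-Object Store |
    Format-Table Name, Count -AutoSize
```

The flag matches on the issuer name only, so use it to filter expiry noise rather than as proof of where a certificate came from.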