Below are all the steps required to renew the "Exchange Delegation Federation" certificate.
By following the steps in the "Learn" document on https://learn.microsoft.com/en-us/exchange/renew-the-federation-certificate-exchange-2013-help eveuthing should work fine. But if you still use a proxy you could see this:
This is the part where I was trying to get the certificate activated but wasn't allowed through the proxy:
Welcome to the Exchange Management Shell! Full list of cmdlets: Get-Command Only Exchange cmdlets: Get-ExCommand Cmdlets that match a specific string: Help *<string>* Get general help: Help Get help for a cmdlet: Help <cmdlet name> or <cmdlet name> -? Exchange team blog: Get-ExBlog Show full output for a command: <command> | Format-List Show quick reference guide: QuickRef VERBOSE: Connecting to sr-xxxxx.domain.lan. VERBOSE: Connected to sr-xxxxx.domain.lan. [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -Thumbprint CE7AB8B6603427556C825A1122E270E74F7B177A -RefreshMetaData Unable to access the Federation Metadata document from the federation partner. Detailed information: "Unable to connect to the remote server". + CategoryInfo : MetadataError: (:) [Set-FederationTrust], FederationMetadataException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=a22a6478-3923-408c-88f2-a54aa5db0f70,TimeStamp=25-4-2023 13:44:24] [FailureCategory=Cmdlet-FederationMetadataException] 67AB8D6B,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>netsh winhttp show proxy Current WinHTTP proxy settings: Direct access (no proxy server). [PS] C:\windows\system32> [PS] C:\windows\system32>netsh winhttp show proxy Current WinHTTP proxy settings: Direct access (no proxy server). [PS] C:\windows\system32>netsh winhttp import proxy source=ie Current WinHTTP proxy settings: Proxy Server(s) : proxy.domain.lan:8080 Bypass List : 10.*;*.domain.lan;<local> [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -Thumbprint xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx -RefreshMetaData Unable to access the Federation Metadata document from the federation partner. Detailed information: "Unable to connect to the remote server". + CategoryInfo : MetadataError: (:) [Set-FederationTrust], FederationMetadataException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=c55ed676-399a-46ca-adca-13c851055ff4,TimeStamp=25-4-2023 15:13:47] [FailureCategory=Cmdlet-FederationMetadataException] 67AB8D6B,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>Get-ExchangeServer -Identity sr-xxxxx | select *proxy* InternetWebProxy InternetWebProxyBypassList ---------------- -------------------------- [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy http://1.1.1.1:8080 [PS] C:\windows\system32>Get-ExchangeServer -Identity sr-xxxxx | select *proxy* InternetWebProxy InternetWebProxyBypassList ---------------- -------------------------- http://1.1.1.1:8080/ [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -Thumbprint xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx -RefreshMetaData WARNING: The federation trust has changed to prepare for the usage of a new certificate for Federation. You should update all TXT proof-of-ownership records that were previously set in DNS for all the domains configured for Federation before publishing the new certificate. The new hash-value should be replaced with the OrgNextCertificate proof value output generated with "Get-FederatedDomainProof -DomainName example.com". [PS] C:\windows\system32>Get-FederatedDomainProof -DomainName domain.nl RunspaceId : 010137a2-e51c-41f7-88f6-f4e982724bb7 DomainName : domain.nl Name : OrgNextPrivCertificate Thumbprint : xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx Proof : XXXXXXXXnUXZ5I2/1r4OtQd+Ajif1kUWjbE/ZV/CIQfijGJlvcXXXXXXxsATxs82lE5l56iO+37XXXXXXXX DnsRecord : domain.nl TXT IN XXXXXXXXnUXZ5I2/1r4OtQd+Ajif1kUWjbE/ZV/CIQfijGJlvcXXXXXXxsATxs82lE5l56iO+37XXXXXXXX RunspaceId : 010137a2-e51c-41f7-88f6-f4e982724bb7 DomainName : domain.nl Name : OrgPrivCertificate Thumbprint : XXXXXXXX1770CAA82C2XXXXXX385DD36XXXXXXXX Proof : XXXXXXXXxqi4Dw2u377XXXXXXwpQUDo6TZrCyc+XgvWERobhE4b7WRnc2/lE89Sqta6FyFmOx++toIrBXXXXXXXX DnsRecord : domain.nl TXT IN XXXXXXXXxqi4Dw2u377XXXXXXwpQUDo6TZrCyc+XgvWERobhE4b7WRnc2/lE89Sqta6FyFmOx++toIrBXXXXXXXX [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy $null [PS] C:\windows\system32>Get-ExchangeServer -Identity sr-xxxxx | select *proxy* InternetWebProxy InternetWebProxyBypassList ---------------- -------------------------- [PS] C:\windows\system32>netsh winhttp show proxy Current WinHTTP proxy settings: Proxy Server(s) : proxy.domain.lan:8080 Bypass List : 10.*;*.domain.lan;<local> [PS] C:\windows\system32>netsh winhttp clear proxy The following command was not found: winhttp clear proxy. [PS] C:\windows\system32>netsh winhttp reset proxy Current WinHTTP proxy settings: Direct access (no proxy server). [PS] C:\windows\system32>netsh winhttp show proxy Current WinHTTP proxy settings: Direct access (no proxy server). [PS] C:\windows\system32>$Servers = Get-ExchangeServer; $Servers | foreach {Get-ExchangeCertificate -Server $_ | Where {$_.Services -match 'Federation'}} | Format-List Identity,Thumbprint,Services,Subject Identity : sr-xxxxx.domain.lan\xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx Thumbprint : xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx Services : SMTP, Federation Subject : CN=Federation Identity : sr-xxxxx.domain.lan\XXXXXXXX1770CAA82C2XXXXXX385DD36XXXXXXXX Thumbprint : XXXXXXXX1770CAA82C2XXXXXX385DD36XXXXXXXX Services : SMTP, Federation Subject : CN=Federation Identity : sr-xxxxx.domain.lan\xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx Thumbprint : xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx Services : SMTP, Federation Subject : CN=Federation Identity : sr-xxxxx.domain.lan\XXXXXXXX1770CAA82C2XXXXXX385DD36XXXXXXXX Thumbprint : XXXXXXXX1770CAA82C2XXXXXX385DD36XXXXXXXX Services : SMTP, Federation Subject : CN=Federation The Exchange Certificate operation has failed with an exception on server sr-xxxx1. The error message is: Access is denied + CategoryInfo : InvalidOperation: (:) [Get-ExchangeCertificate], LocalizedException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=80e9b8ef-a09d-4128-a7c9-533951782758,TimeStamp=25-4-2023 15:41:21] [FailureCategory=Cmdlet-LocalizedException] 12503763,Microsoft.Exchange.Manageme nt.SystemConfigurationTasks.GetExchangeCertificate + PSComputerName : sr-xxxxx.domain.lan The Exchange Certificate operation has failed with an exception on server sr-xxxx1. The error message is: Access is denied + CategoryInfo : InvalidOperation: (:) [Get-ExchangeCertificate], LocalizedException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=a311f800-dc09-4efa-8ceb-ecd97b6f5965,TimeStamp=25-4-2023 15:41:21] [FailureCategory=Cmdlet-LocalizedException] 9671FFC8,Microsoft.Exchange.Manageme nt.SystemConfigurationTasks.GetExchangeCertificate + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate Creating a new session for implicit remoting of "Set-FederationTrust" command... An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=4a2f2b24-cb84-4f2a-95c5-a87a4d36bc8f,TimeStamp=26-4-2023 07:34:59] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>$webclient=New-Object System.Net.WebClient [PS] C:\windows\system32>$webclient.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=4a2f2b24-cb84-4f2a-95c5-a87a4d36bc8f,TimeStamp=26-4-2023 07:35:22] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>netsh winhttp show proxy Current WinHTTP proxy settings: Direct access (no proxy server). [PS] C:\windows\system32>[Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12; [PS] C:\windows\system32>[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12 [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=42e63050-a895-4073-a082-6d835d11e3eb,TimeStamp=26-4-2023 07:35:57] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy http://1.1.1.1:8080 [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=4a2f2b24-cb84-4f2a-95c5-a87a4d36bc8f,TimeStamp=26-4-2023 07:36:47] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>netsh winhttp import proxy source=ie Current WinHTTP proxy settings: Direct access (no proxy server). [PS] C:\windows\system32>netsh winhttp import proxy source=ie Current WinHTTP proxy settings: Proxy Server(s) : http://proxy.domain.lan:8080 Bypass List : 10.*;*.domain.lan;<local> [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=4a2f2b24-cb84-4f2a-95c5-a87a4d36bc8f,TimeStamp=26-4-2023 07:40:27] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=42e63050-a895-4073-a082-6d835d11e3eb,TimeStamp=26-4-2023 07:40:53] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>netsh winhttp reset proxy Current WinHTTP proxy settings: Direct access (no proxy server). [PS] C:\windows\system32>netsh winhttp set proxy proxy.domain.lan:8080 Current WinHTTP proxy settings: Proxy Server(s) : proxy.domain.lan:8080 Bypass List : (none) [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=4a2f2b24-cb84-4f2a-95c5-a87a4d36bc8f,TimeStamp=26-4-2023 07:43:46] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>netsh winhttp set proxy proxy.domain.lan:8080 bypass-list="*.microsoftonline-p.com" Current WinHTTP proxy settings: Proxy Server(s) : proxy.domain.lan:8080 Bypass List : *.microsoftonline-p.com [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=2f6f2f77-9d84-4029-b860-3274731a42b7,TimeStamp=26-4-2023 07:45:04] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>Stop-Service -Name WinHttpAutoProxySvc -Force Stop-Service : Service 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' cannot be stopped due to the following error: Cannot open WinHttpAutoProxySvc service on computer '.'. At line:1 char:1 + Stop-Service -Name WinHttpAutoProxySvc -Force + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : CloseError: (System.ServiceProcess.ServiceController:ServiceController) [Stop-Service], ServiceCommandException + FullyQualifiedErrorId : CouldNotStopService,Microsoft.PowerShell.Commands.StopServiceCommand Stop-Service : Collection was modified; enumeration operation may not execute. At line:1 char:1 + Stop-Service -Name WinHttpAutoProxySvc -Force + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Stop-Service], InvalidOperationException + FullyQualifiedErrorId : System.InvalidOperationException,Microsoft.PowerShell.Commands.StopServiceCommand [PS] C:\windows\system32>Set-Service -Name WinHttpAutoProxySvc -StartupType disabled Set-Service : Service 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' cannot be configured due to the following error: Access is denied At line:1 char:1 + Set-Service -Name WinHttpAutoProxySvc -StartupType disabled + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : PermissionDenied: (System.ServiceProcess.ServiceController:ServiceController) [Set-Service], ServiceCommandException + FullyQualifiedErrorId : CouldNotSetService,Microsoft.PowerShell.Commands.SetServiceCommand [PS] C:\windows\system32>whoami domain\Username [PS] C:\windows\system32> [PS] C:\windows\system32> [PS] C:\windows\system32>Get-ExchangeServer -Identity sr-xxxxx | select *proxy* InternetWebProxy InternetWebProxyBypassList ---------------- -------------------------- http://1.1.1.1:8080/ [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy http://1.1.1.1:8080 -InternetWebProxyBypassList "10.*;*.domain.lan" Cannot process argument transformation on parameter 'InternetWebProxyBypassList'. Cannot convert value "10.*;*.domain.lan" to type "Microsoft.Exchange.Data.MultiValuedProperty`1[Microsoft.Exchange.Data.Fqd n]". Error: "Failed to convert 10.*;*.domain.lan from System.String to Microsoft.Exchange.Data.Fqdn. Error: Error while converting string '10.*;*.domain.lan' to result type Microsoft.Exchange.Data.Fqdn: "1 0.*;*.domain.lan" isn't a valid SMTP domain." + CategoryInfo : InvalidData: (:) [Set-ExchangeServer], ParameterBindin...mationException + FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-ExchangeServer + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>Get-ExchangeServer -Identity sr-xxxxx | select *proxy* InternetWebProxy InternetWebProxyBypassList ---------------- -------------------------- http://1.1.1.1:8080/ [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy http://1.1.1.1:8080 -InternetWebProxyBypassList @{"10.*","*.domain.lan","*.microsoftonline-p.com"} >> ^C [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy http://1.1.1.1:8080 -InternetWebProxyBypassList @("10.*","*.domain.lan","*.microsoftonline-p.com") Cannot process argument transformation on parameter 'InternetWebProxyBypassList'. Cannot convert value "10.* *.domain.lan *.microsoftonline-p.com" to type "Microsoft.Exchange.Data.MultiValuedProperty`1[Mic rosoft.Exchange.Data.Fqdn]". Error: "Cannot convert value "10.*" to type "Microsoft.Exchange.Data.Fqdn". Error: ""10.*" isn't a valid SMTP domain."" + CategoryInfo : InvalidData: (:) [Set-ExchangeServer], ParameterBindin...mationException + FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-ExchangeServer + PSComputerName : sr-xxxxx.domain.lan [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy http://1.1.1.1:8080 -InternetWebProxyBypassList @("domain.lan","microsoftonline-p.com") [PS] C:\windows\system32>Get-ExchangeServer -Identity sr-xxxxx | select *proxy* InternetWebProxy InternetWebProxyBypassList ---------------- -------------------------- http://1.1.1.1:8080/ {domain.lan, microsoftonline-p.com} [PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate An error occurred accessing Windows Live. Detailed information: "The remote server returned an error: (407) Proxy Authentication Required.". + CategoryInfo : InvalidResult: (:) [Set-FederationTrust], LiveDomainServicesException + FullyQualifiedErrorId : [Server=sr-xxxxx,RequestId=c3dd4e8e-34bc-402a-9cdb-3cf6ca994637,TimeStamp=26-4-2023 07:56:54] [FailureCategory=Cmdlet-LiveDomainServicesException] 5A701C9F,Microsoft.Exchange .Management.SystemConfigurationTasks.SetFederationTrust + PSComputerName : sr-xxxxx.domain.lan
[PS] C:\windows\system32>Set-FederationTrust -Identity "Microsoft Federation Gateway" -PublishFederationCertificate WARNING: The federation trust has changed to use a new certificate for Federation. You should update all TXT proof-of-ownership records that were previously set in DNS for all the domains configured for Federation. The new hash-value should be replaced with the OrgNextCertificate proof value output of the OrgNextCertificate generated with "Get-FederatedDomainProof -DomainName example.com". [PS] C:\windows\system32>Get-FederationTrust | Format-List *priv* OrgPrivCertificate : xxxxxxB6603427556Cxxxx1122E270E74Fxxxxxx OrgNextPrivCertificate : OrgPrevPrivCertificate : XXXXXXXX1770CAA82C2XXXXXX385DD36XXXXXXXX [PS] C:\windows\system32>Test-FederationTrust -UserIdentity user@domain.nl Begin process. STEP 1 of 6: Getting ADUser information for user@domain.nl... RESULT: Success. STEP 2 of 6: Getting FederationTrust object for user@domain.nl... RESULT: Success. STEP 3 of 6: Validating that the FederationTrust has the same STS certificates as the actual certificates published by the STS in the federation metadata. RESULT: Success. STEP 4 of 6: Getting STS and Organization certificates from the federation trust object... RESULT: Success. Validating current configuration for FYDIBOHF25SPDLT.domain.nl... Validation successful. STEP 5 of 6: Requesting delegation token... RESULT: Success. Token retrieved. STEP 6 of 6: Validating delegation token... RESULT: Success. Closing Test-FederationTrust... RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : FederationTrustConfiguration Type : Success Message : FederationTrust object in ActiveDirectory is valid. RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : FederationMetadata Type : Error Message : Unable to retrieve federation metadata from the security token service. RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : StsCertificate Type : Success Message : Valid certificate referenced by property TokenIssuerCertificate in the FederationTrust object. RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : StsPreviousCertificate Type : Success Message : Valid certificate referenced by property TokenIssuerPrevCertificate in the FederationTrust object. RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : OrganizationCertificate Type : Success Message : Valid certificate referenced by property OrgPrivCertificate in the FederationTrust object. RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : OrganizationPreviousCertificate Type : Success Message : Valid certificate referenced by property OrgPrevPrivCertificate in the FederationTrust object. RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : TokenRequest Type : Success Message : Request for delegation token succeeded. RunspaceId : 043079c7-9ca2-4188-ac0e-681276d2b6e5 Id : TokenValidation Type : Success Message : Requested delegation token is valid. [PS] C:\windows\system32> [PS] C:\windows\system32>Set-ExchangeServer -Identity sr-xxxxx -InternetWebProxy $null -InternetWebProxyBypassList $null [PS] C:\windows\system32>Get-ExchangeServer -Identity sr-xxxxx | select *proxy* InternetWebProxy InternetWebProxyBypassList ---------------- --------------------------