A special Rpc error occurs on server

You like to remove a certificate in Exchange Server. After logging into Exchange Admin Center and removing the certificate, an error is showing. It’s showing that a special Rpc error occurs on server Exchange. Removing the certificate with PowerShell is giving you the same error. Now how to fix this problem and why are you getting that error?

Error when removing certificate in Exchange Server

Removing the Exchange certificate is not working and an error is showing. Let’s have a look at what is happening in the Exchange Admin Center and in PowerShell. After that, we can come up with a solution.

Error a special Rpc error occurs on server in Exchange Admin Center

The following error is showing when removing the certificate in Exchange Server 2016.

A special Rpc error occurs on server error

error

A special Rpc error occurs on server EX01-2016: The internal transport certificate cannot be removed because that would cause the Microsoft Exchange Transport service to stop. To replace the internal transport certificate, create a new certificate. The new certificate will automatically become the internal transport certificate. You can then remove the existing certificate.

Error a special Rpc error occurs on server with PowerShell

Find the thumbprint of the certificate that you like to remove in Exchange Admin Center. Do you want to find the certificate in PowerShell? Read the article Get Exchange certificiate with PowerShell.

Click servers in the feature pane and follow with certificates in the tabs. Select the certificate in the list view and click the edit icon.

A special Rpc error occurs on server certificate edit old certificate

Click general in the menu and copy the thumbprint.

A special Rpc error occurs on server old certificate general

Run Exchange Management Shell as administrator. Make use of the Remove-ExchangeCertificate cmdlet including the -Thumbprint parameter. Paste the thumbprint that you copied from the previous step after the -Thumbprint parameter.

[PS] C:\>Remove-ExchangeCertificate -Thumbprint 0C4C00B76EB7DB236573BF79258888D32C9B753D

Confirm
Are you sure you want to perform this action?
Remove certificate with thumbprint 0C4C00B76EB7DB236573BF79258888D32C9B753D from the computer's certificate store?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): Y
A special Rpc error occurs on server EX01-2016: The internal transport certificate cannot be removed because that
would cause the Microsoft Exchange Transport service to stop. To replace the internal transport certificate, create a
new certificate. The new certificate will automatically become the internal transport certificate. You can then remove
the existing certificate.
    + CategoryInfo          : InvalidArgument: (:) [Remove-ExchangeCertificate], InvalidOperationException
    + FullyQualifiedErrorId : [Server=EX01-2016,RequestId=2b89e3a0-3a90-44a0-a24f-b4a3aab1ac8f,TimeStamp=6/8/2020 6:14
   :05 PM] [FailureCategory=Cmdlet-InvalidOperationException] 20CCF95D,Microsoft.Exchange.Management.SystemConfigurat
  ionTasks.RemoveExchangeCertificate
    + PSComputerName        : ex01-2016.exoip.local

The error is clearly showing and the certificate can’t be removed. What is the solution?

Assign certificate to Exchange services

Click the new certificate that you like to assign to the Exchange services. Click the edit icon. In my example, it’s the self-signed certificate.

A special Rpc error occurs on server certificate edit new certificate

Click services on the left menu. We clearly can see that the services are already checked and greyed out.

A special Rpc error occurs on server new certificate services greyed out

Solution a special Rpc error occurs on server

Let’s recap that, the services are checked on the self-signed certificate. We can’t remove the old certificate as an error is showing up. What is the solution? The answer is PowerShell. We have to assign the self-signed certificate to the Exchange services with PowerShell.

Before we do that, grab the thumbprint certificate of the certificate that you like to assign. Copy the thumbprint.

A special Rpc error occurs on server new certificate general

Assign the new certificate to the Exchange services. Click Y and press Enter.

[PS] C:\>Enable-ExchangeCertificate -Thumbprint 9BC8DF0DC366A87E2D397DD4CD328D91533346D2 -Services SMTP,IMAP,POP,IIS

Confirm
Overwrite the existing default SMTP certificate?

Current certificate: '0C4C00B76EB7DB236573BF79258888D32C9B753D' (expires 9/3/2020 6:22:51 PM)
Replace it with certificate: '9BC8DF0DC366A87E2D397DD4CD328D91533346D2' (expires 6/6/2025 8:00:12 PM)
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): Y

Have a look at the old certificate that we want to remove. Almost all services are unchecked (only SMTP is checked).

A special Rpc error occurs on server old certificate services unchecked

Click the certificate and click the delete icon.

A special Rpc error occurs on server delete old certificate

A warning is showing. Click OK.

warning deleting certificate

The certificate is not showing in the list view. The certificate is removed successfully.

I hope that this article helped you to fix the a special Rpc error occurs on server from showing.

Conclusion

In this article, you learned why the error a special Rpc error occurs on server is showing. Get the thumbprint of the certificate that you like to assign. Run the cmdlet as shown in the article to assign the certificate to the Exchange services. After that, remove the old certificate. No more error showing up.

Did you enjoy this article? If so, you may like the article How to import certificate in Exchange 2016. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

TwitterLinkedIn

What Others Are Reading

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top