Skip to content

A special Rpc error occurs on server

You like to remove a certificate in Exchange Server. After signing in to Exchange Admin Center and removing the certificate, an error is showing. It’s showing that a special Rpc error occurs on server Exchange. Removing the certificate with PowerShell gives you the same error. Now how to fix this problem, and why do you get that error?

Error when removing certificate in Exchange Server

Removing the Exchange certificate is not working, and an error is showing. Let’s have a look at what is happening in the Exchange Admin Center and in PowerShell. After that, we can come up with a solution.

Error a special Rpc error occurs on server in Exchange Admin Center

The following error appears when removing the certificate in Exchange Server.

A special Rpc error occurs on server error

error
A special Rpc error occurs on server EX01-2016: The internal transport certificate cannot be removed because that would cause the Microsoft Exchange Transport service to stop. To replace the internal transport certificate, create a new certificate. The new certificate will automatically become the internal transport certificate. You can then remove the existing certificate.

Error a special Rpc error occurs on server with PowerShell

Find the certificate’s thumbprint you want to remove in Exchange Admin Center. Do you want to find the certificate in PowerShell? Read the article Get Exchange certificate with PowerShell.

Click servers in the feature pane and follow with certificates in the tabs. Select the certificate in the list view and click the edit icon.

A special Rpc error occurs on server certificate edit old certificate

Click general in the menu and copy the thumbprint.

A special Rpc error occurs on server old certificate general

Run Exchange Management Shell as administrator. Make use of the Remove-ExchangeCertificate cmdlet, including the -Thumbprint parameter. Paste the thumbprint you copied from the previous step after the -Thumbprint parameter.

[PS] C:\>Remove-ExchangeCertificate -Thumbprint 0C4C00B76EB7DB236573BF79258888D32C9B753D

Confirm
Are you sure you want to perform this action?
Remove certificate with thumbprint 0C4C00B76EB7DB236573BF79258888D32C9B753D from the computer's certificate store?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): Y
A special Rpc error occurs on server EX01-2016: The internal transport certificate cannot be removed because that
would cause the Microsoft Exchange Transport service to stop. To replace the internal transport certificate, create a
new certificate. The new certificate will automatically become the internal transport certificate. You can then remove
the existing certificate.
    + CategoryInfo          : InvalidArgument: (:) [Remove-ExchangeCertificate], InvalidOperationException
    + FullyQualifiedErrorId : [Server=EX01-2016,RequestId=2b89e3a0-3a90-44a0-a24f-b4a3aab1ac8f,TimeStamp=6/8/2020 6:14
   :05 PM] [FailureCategory=Cmdlet-InvalidOperationException] 20CCF95D,Microsoft.Exchange.Management.SystemConfigurat
  ionTasks.RemoveExchangeCertificate
    + PSComputerName        : ex01-2016.exoip.local

The error is clearly showing, and the certificate can’t be removed. What is the solution?

Assign certificate to Exchange services

Click the new certificate that you like to assign to the Exchange services. Click the edit icon. In my example, it’s the self-signed certificate.

A special Rpc error occurs on server certificate edit new certificate

Click services on the left menu. We clearly can see that the services are already checked and greyed out.

A special Rpc error occurs on server new certificate services greyed out

Solution a special Rpc error occurs on server

The services are checked on the self-signed certificate. But we can’t remove the old certificate as an error is showing up. What is the solution? The answer is PowerShell. We have to assign the self-signed certificate to the Exchange services with PowerShell.

Before we do that, copy the thumbprint certificate of the certificate that you like to assign.

A special Rpc error occurs on server new certificate general

Assign the new certificate to the Exchange services. Click Y and press Enter.

[PS] C:\>Enable-ExchangeCertificate -Thumbprint 9BC8DF0DC366A87E2D397DD4CD328D91533346D2 -Services SMTP,IMAP,POP,IIS

Confirm
Overwrite the existing default SMTP certificate?

Current certificate: '0C4C00B76EB7DB236573BF79258888D32C9B753D' (expires 9/3/2020 6:22:51 PM)
Replace it with certificate: '9BC8DF0DC366A87E2D397DD4CD328D91533346D2' (expires 6/6/2025 8:00:12 PM)
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): Y

Click the certificate and click the delete icon.

A special Rpc error occurs on server delete old certificate

A warning is showing. Click OK.

warning deleting certificate

The certificate is not showing in the list view. The certificate is removed successfully.

I hope that this article helped you to fix the a special Rpc error occurs on server from showing.

Read more: How to create certificate in Exchange Server »

Conclusion

You learned why the error a special Rpc error occurs on server is showing. Get the thumbprint of the certificate that you like to assign. Run the cmdlet as shown in the article to assign the certificate to the Exchange services. After that, remove the old certificate. No more error is showing up.

Did you enjoy this article? If so, you may like Install FREE Let’s Encrypt certificate in Exchange Server. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

This Post Has 7 Comments

  1. ALI- Thank you for your help and great work!!!
    My 1st time ever Exchange 2010 to 2016 migration was all done just following all the articles from your site. Now, I’m remove all Exchange 2010 entries from 2016 servers so that I could decom. Exchange 2010. Removing 2010 Mailboxes giving error message, Can you provide a guide to complete remove 2010 from 2016?

  2. My old wildcard certificate has only SMTP checked and I still can’t delete it. The same message occurred 🙁

  3. Issue for me was that the Microsoft Exchange Server Auth Certificate was the one that the command wanted to replace rather than the imported godaddy certificate..
    Ideas why and how i force replacement of the correct one?

Leave a Reply

Your email address will not be published. Required fields are marked *