Merge pull request #1626 from microsoft/lusassl-MonitorExchangeAuthCertMarch23Adjustments

Use shared TrustAnyCertificateCallback function in MonitorExchangeAuthCertificate script

Author: lusassl-msft

Admin/MonitorExchangeAuthCertificate/MonitorExchangeAuthCertificate.ps1

@@ -305,6 +305,7 @@ function Main {
             Write-Host ("Please check if the test message was received by the following recipient(s): $($SendEmailNotificationTo)")
         } else {
             Write-Host ("We hit an exception while processing your test email message. Please check the log file") -ForegroundColor Yellow
+            Write-Host ("`n$($Error[0].Exception.Message)") -ForegroundColor Red
         }
         return
     }
@@ -434,7 +435,7 @@ function Main {
         Write-Host ("We couldn't validate if the Auth Certificate is properly configured because $($authCertStatus.NumberOfUnreachableServers) servers were unreachable.") -ForegroundColor Yellow
         Write-Host ("The unreachable servers are: $([string]::Join(", ", $authCertStatus.UnreachableServersList))") -ForegroundColor Yellow
     } elseif ($stopProcessingDueToHybrid) {
-        Write-Host ("We have not made any configuration change because because Exchange Hybrid has been detected in your environment.") -ForegroundColor Yellow
+        Write-Host ("We have not made any configuration change because Exchange Hybrid has been detected in your environment.") -ForegroundColor Yellow
         Write-Host ("Please rerun the script using the '-IgnoreHybridConfig `$true' parameter to perform the renewal action.") -ForegroundColor Yellow
         Write-Host ("It's also required to run the Hybrid Configuration Wizard (HCW) after the primary Auth Certificate was replaced.") -ForegroundColor Yellow
     } else {

Shared/EMailFunctions/Send-EwsMailMessage.ps1

@@ -2,6 +2,7 @@
 # Licensed under the MIT License.
 
 . $PSScriptRoot\..\Invoke-CatchActionError.ps1
+. $PSScriptRoot\..\CertificateFunctions\Enable-TrustAnyCertificateCallback.ps1
 
 function Send-EwsMailMessage {
     [CmdletBinding()]
@@ -57,19 +58,6 @@ function Send-EwsMailMessage {
         Write-Verbose "Calling: $($MyInvocation.MyCommand)"
         [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
 
-        $trustAllCertsPolicyClass = @"
-        using System.Net;
-        using System.Security.Cryptography.X509Certificates;
-        public class TrustAllCertsPolicy : ICertificatePolicy {
-            public bool CheckValidationResult(
-                ServicePoint srvPoint, X509Certificate certificate,
-                WebRequest request, int certificateProblem) {
-                return true;
-            }
-        }
-"@
-        Add-Type -TypeDefinition $trustAllCertsPolicyClass -ErrorAction Stop
-
         if (Test-Path $EwsManagedAPIAssemblyPath) {
             Write-Verbose ("EWS Managed API Assembly was found under: $($EwsManagedAPIAssemblyPath)")
             Add-Type -Path $EwsManagedAPIAssemblyPath
@@ -80,8 +68,8 @@ function Send-EwsMailMessage {
         }
     } process {
         if ($IgnoreCertificateMismatch) {
-            Write-Verbose ("IgnoreCertificateMismatch was used -policy will be set to: TrustAllCertsPolicy")
-            [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
+            Write-Verbose ("IgnoreCertificateMismatch was used - policy will be set to: TrustAnyCertificate")
+            Enable-TrustAnyCertificateCallback
         }
 
         try {