Exchange Edge is using self-signed certificate for the SMTP services and for subscribe new Exchange synchronization between Hub and Edge servers.

Self-signed certificates are only valid for one year.

To display certificate used by Exchange Server run this command:

Get-ExchangeCertificate | fl

To renew a self-signed certificate for Exchange Edge you can use Exchange Management Shell command:

Get-ExchangeCertificate | New-ExchangeCertificate

To generate new self-signed certificate for Exchange Edge you can use Exchange Management Shell command:

New-ExchangeCertificate ?FriendlyName ??oExchange Edge Certificate??? ?SubjectName ??ocn=mail.contoso.local??? ?DomainName ??oex2007edge, mail.contoso.local??? ?PrivateKeyExportable:$True | Enable-ExchangeCertificate ?Services SMTP