Once a year you will need to create new edge certificates and re-establish the synchronization. Here are the steps for this process (all commands are run in EWS):
1. View the status of the current certificates: Get-ExchangeCertificate | Format-List
2. Create a new certificate (this step needs to be done on both the Hub Transport and the Edge server): New-ExchangeCertificate (select Yes to overwrite)
3. Move the IIS role to the new certificate: Enable-ExchangeCertificate -Thumbprint (put thumbprint of new cert here) -Services IIS
4. Remove the old certificate in IIS (select the old cert and hit Delete) or in EWS using: Remove-ExchangeCertificate -Thumbprint (old cert thumbprint here)
5. On the Edge server type: New-EdgeSubscription (type the file path/name when prompted, e.g. c:\newedge.xml)
6. Copy the XML file you created to the Hub Transport server (flash drive or network drive).
7. Open the Exchange Management Console on the Hub Transport server. Go to Organization Configuration -> Hub Transport. Select New Edge Subscription and select the XML file (leave all settings on the config page at their defaults and hit New).
8. Open EWS back up on the Hub Transport server and type: Start-EdgeSynchronization
9. Now test your edge sync by typing: Test-EdgeSynchronization (everything should be synchronized)
Send your test emails to verify connectivity and you are finished.
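An added example, not part of the original post: a read-only check to run in the same shell before and after the steps above. It lists every certificate with the days it has left, warns about service-bound certificates inside an assumed 30-day window, names expired certificates with no services as removal candidates, and on the Hub Transport server reports any edge subscription whose sync status is not Normal.

```powershell
# Added example (not from the original post). Read-only: it changes nothing.
# Run in the same shell as the renewal steps, before and after the renewal.
$WarnDays = 30            # assumed warning window, adjust as needed
$now      = Get-Date

# Every certificate Exchange knows about, soonest expiry first.
$certs = Get-ExchangeCertificate |
    Select-Object Thumbprint, Subject, Services, NotAfter,
        @{ Name       = 'DaysLeft'
           Expression = { [math]::Floor(($_.NotAfter - $now).TotalDays) } } |
    Sort-Object NotAfter
$certs | Format-Table Thumbprint, Services, NotAfter, DaysLeft -AutoSize

# Certificates still bound to a service (IIS, SMTP, ...) that expire soon.
$expiring = @($certs | Where-Object {
    $_.Services.ToString() -ne 'None' -and $_.DaysLeft -le $WarnDays })
foreach ($c in $expiring) {
    Write-Warning ("{0} ({1}) expires in {2} day(s)" -f `
        $c.Thumbprint, $c.Services, $c.DaysLeft)
}

# Expired certificates with no service assigned: these are the ones the
# Remove-ExchangeCertificate step is meant for. Only listed here, not removed.
$stale = @($certs | Where-Object {
    $_.Services.ToString() -eq 'None' -and $_.DaysLeft -lt 0 })
foreach ($c in $stale) {
    Write-Host "Removal candidate: $($c.Thumbprint)  $($c.Subject)"
}

# Test-EdgeSynchronization exists only on the Hub Transport server,
# so this part is skipped when the script runs on the Edge server.
if (Get-Command Test-EdgeSynchronization -ErrorAction SilentlyContinue) {
    $results = @(Test-EdgeSynchronization)
    $bad = @($results | Where-Object { $_.SyncStatus.ToString() -ne 'Normal' })
    if ($results.Count -eq 0) {
        Write-Warning 'No edge subscription found; import the new XML file first.'
    } elseif ($bad.Count -gt 0) {
        $bad | Format-List Name, SyncStatus, UtcNow
    } else {
        Write-Host 'All edge subscriptions report SyncStatus Normal.'
    }
}
```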