Exchange 2007 will issue Self-Signed to all except Mailbox Server. Self-Signed certificates are only valid for one year.
Below command helps to create Self-Singed for SMTP TLS connection. You can use the below command when you get this error in transport server

“The STARTTLS certificate will soon expire. The STARTTLS certificate is the certificate not used for internal TLS applications” Event id :12023

New-ExchangeCertificate -PrivateKeyExportable $TRUE -SubjectName “CN=servername” -DomainName FQDNservername |Enable-ExchangeCertificate -Services SMTP

Below command help to renew the exisitng self-signed certificate to next one year from the date of running this command

Get-ExchangeCertificate | New-ExchangeCertificate