Because the DC cannot contact other DCs during the operation, the AD DS forest metadata is not automatically updated as it is when a DC is removed normally.
Instead, you must manually update the forest metadata after you remove the DC.
Exchange Server 2013 provides secure client-server and server-server network communications by using SSL certificates to secure protocols such as HTTP, SMTP, POP and IMAP.
Because of the “secure by default” requirements, when an Exchange 2013 server is installed it is configured with self-signed SSL certificates that are enabled for those protocols.
This means all you have to do is delete the DC in Active Directory's Users and Computers—there's no need to launch ntdsutil.