I currently have an SSL123 Thawte certificate on my Exchange server. It is set to expire soon, so I'm trying to renew it. I am using the IIS 6 Certificate Wizard to create the new Certificate Signing Request (CSR). When I get to the last screen with the summary of information that will be used and click next I get an error that says "Access is Denied."
I am able to remove the current certificate, reinstall the current certificate, but am unable to create a CSR for a new certificate or for a renewal. This happens if I choose to send it directly to Thawte or if I choose to create it in a file and save it to send later.
I've tried this while logged in as a domain administrator and the local administrator.
The only thing that I know of that has changed is that we had a domain controller that was our organization's CA crash. We haven't been able to restore it. We have other domain controllers, so that wasn't a big deal, but it was our only CA. Is this something that could be related?
There aren't any error messages in the event log.