Solved

Exchange 2007: Certificate Renewal

Posted on 2008-10-13
10
9,306 Views
Last Modified: 2012-05-05
My Exchange 2007 certificate is due to expire in about a month and this will be the first time I have renewed it. Can someone give me some detailed instructions on how to do it? I am trying to avoid any mistakes on my end thus eliminating any unecessary downtime. Thanks.
0
Comment
Question by:rbichon
10 Comments
 
LVL 5

Expert Comment

by:NutrientMS
ID: 22706180
0
 
LVL 5

Expert Comment

by:ccns
ID: 22706190
have a look here, has alot of information re exchange cetificates
http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22707748
is this a selfc assigned or from an external CA? like verisign or thawte?
0
 
LVL 1

Author Comment

by:rbichon
ID: 22710989
It is an external CA from Comodo.
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22711101
just go ahead an apply for the renewed cert from Comodo. please advise what format you get the cert in or if it is just encrypted text.

then i can help you import it in to IIS without you having to worry about any downtime.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 1

Author Comment

by:rbichon
ID: 22711224
This is the command I used when inserting the first certificate:
Import-ExchangeCertificate -Path C:\cert.crt | Enable-ExchangeCertificate -Services "SMTP, IMAP, POP, IIS"
Once I get the new certificate, do I just run the same command? After I get it installed, should I remove the first certificate? Is there anything special that I need to do to make sure the new certificate is being used?
0
 
LVL 11

Accepted Solution

by:
Bertling earned 500 total points
ID: 22711622
yes run that command,

then use Get-ExchangeCertificate to check their service type status

then use Remove-ExchangeCertificate to remove the old certs

hope it all works out
0
 
LVL 1

Author Comment

by:rbichon
ID: 22712134
I got the request in for a new cert. Once it comes in I will post back. Thanks for your help.
0
 
LVL 1

Author Comment

by:rbichon
ID: 22720913
Using the Get-ExchangeCertificate command turned out to be an absolutely crucial step. After installing the cert I ran that command and found that the cert was not being used for SMTP or IIS. I used Enable-ExchangeCertificate to enable both of those services on the new cert before removing the other certs. If I hadn't done that first, several Exchange services would have been affected and I would have had no idea why. Thanks!
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22720939
no probs! thanks for the feedback
0

Featured Post

Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a trade show? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
exchange power shell 17 69
Can't send to contact 6 39
.cer Exchange Certificate 2013 issue. 2 27
Move mailbox to new database 9 6
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now