Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Exchange 2007: Certificate Renewal

Posted on 2008-10-13
10
Medium Priority
?
9,331 Views
Last Modified: 2012-05-05
My Exchange 2007 certificate is due to expire in about a month and this will be the first time I have renewed it. Can someone give me some detailed instructions on how to do it? I am trying to avoid any mistakes on my end thus eliminating any unecessary downtime. Thanks.
0
Comment
Question by:rbichon
10 Comments
 
LVL 5

Expert Comment

by:ccns
ID: 22706190
have a look here, has alot of information re exchange cetificates
http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22707748
is this a selfc assigned or from an external CA? like verisign or thawte?
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 1

Author Comment

by:rbichon
ID: 22710989
It is an external CA from Comodo.
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22711101
just go ahead an apply for the renewed cert from Comodo. please advise what format you get the cert in or if it is just encrypted text.

then i can help you import it in to IIS without you having to worry about any downtime.
0
 
LVL 1

Author Comment

by:rbichon
ID: 22711224
This is the command I used when inserting the first certificate:
Import-ExchangeCertificate -Path C:\cert.crt | Enable-ExchangeCertificate -Services "SMTP, IMAP, POP, IIS"
Once I get the new certificate, do I just run the same command? After I get it installed, should I remove the first certificate? Is there anything special that I need to do to make sure the new certificate is being used?
0
 
LVL 11

Accepted Solution

by:
Bertling earned 2000 total points
ID: 22711622
yes run that command,

then use Get-ExchangeCertificate to check their service type status

then use Remove-ExchangeCertificate to remove the old certs

hope it all works out
0
 
LVL 1

Author Comment

by:rbichon
ID: 22712134
I got the request in for a new cert. Once it comes in I will post back. Thanks for your help.
0
 
LVL 1

Author Comment

by:rbichon
ID: 22720913
Using the Get-ExchangeCertificate command turned out to be an absolutely crucial step. After installing the cert I ran that command and found that the cert was not being used for SMTP or IIS. I used Enable-ExchangeCertificate to enable both of those services on the new cert before removing the other certs. If I hadn't done that first, several Exchange services would have been affected and I would have had no idea why. Thanks!
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22720939
no probs! thanks for the feedback
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question