Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 9332
  • Last Modified:

Exchange 2007: Certificate Renewal

My Exchange 2007 certificate is due to expire in about a month and this will be the first time I have renewed it. Can someone give me some detailed instructions on how to do it? I am trying to avoid any mistakes on my end thus eliminating any unecessary downtime. Thanks.
0
rbichon
Asked:
rbichon
1 Solution
 
ccnsCommented:
have a look here, has alot of information re exchange cetificates
http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx
0
 
BertlingCommented:
is this a selfc assigned or from an external CA? like verisign or thawte?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
rbichonAuthor Commented:
It is an external CA from Comodo.
0
 
BertlingCommented:
just go ahead an apply for the renewed cert from Comodo. please advise what format you get the cert in or if it is just encrypted text.

then i can help you import it in to IIS without you having to worry about any downtime.
0
 
rbichonAuthor Commented:
This is the command I used when inserting the first certificate:
Import-ExchangeCertificate -Path C:\cert.crt | Enable-ExchangeCertificate -Services "SMTP, IMAP, POP, IIS"
Once I get the new certificate, do I just run the same command? After I get it installed, should I remove the first certificate? Is there anything special that I need to do to make sure the new certificate is being used?
0
 
BertlingCommented:
yes run that command,

then use Get-ExchangeCertificate to check their service type status

then use Remove-ExchangeCertificate to remove the old certs

hope it all works out
0
 
rbichonAuthor Commented:
I got the request in for a new cert. Once it comes in I will post back. Thanks for your help.
0
 
rbichonAuthor Commented:
Using the Get-ExchangeCertificate command turned out to be an absolutely crucial step. After installing the cert I ran that command and found that the cert was not being used for SMTP or IIS. I used Enable-ExchangeCertificate to enable both of those services on the new cert before removing the other certs. If I hadn't done that first, several Exchange services would have been affected and I would have had no idea why. Thanks!
0
 
BertlingCommented:
no probs! thanks for the feedback
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now