Solved

Exchange 2007: Certificate Renewal

Posted on 2008-10-13
10
9,300 Views
Last Modified: 2012-05-05
My Exchange 2007 certificate is due to expire in about a month and this will be the first time I have renewed it. Can someone give me some detailed instructions on how to do it? I am trying to avoid any mistakes on my end thus eliminating any unecessary downtime. Thanks.
0
Comment
Question by:rbichon
10 Comments
 
LVL 5

Expert Comment

by:NutrientMS
ID: 22706180
0
 
LVL 5

Expert Comment

by:ccns
ID: 22706190
have a look here, has alot of information re exchange cetificates
http://technet.microsoft.com/en-us/library/bb851505(EXCHG.80).aspx
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22707748
is this a selfc assigned or from an external CA? like verisign or thawte?
0
 
LVL 1

Author Comment

by:rbichon
ID: 22710989
It is an external CA from Comodo.
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22711101
just go ahead an apply for the renewed cert from Comodo. please advise what format you get the cert in or if it is just encrypted text.

then i can help you import it in to IIS without you having to worry about any downtime.
0
Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

 
LVL 1

Author Comment

by:rbichon
ID: 22711224
This is the command I used when inserting the first certificate:
Import-ExchangeCertificate -Path C:\cert.crt | Enable-ExchangeCertificate -Services "SMTP, IMAP, POP, IIS"
Once I get the new certificate, do I just run the same command? After I get it installed, should I remove the first certificate? Is there anything special that I need to do to make sure the new certificate is being used?
0
 
LVL 11

Accepted Solution

by:
Bertling earned 500 total points
ID: 22711622
yes run that command,

then use Get-ExchangeCertificate to check their service type status

then use Remove-ExchangeCertificate to remove the old certs

hope it all works out
0
 
LVL 1

Author Comment

by:rbichon
ID: 22712134
I got the request in for a new cert. Once it comes in I will post back. Thanks for your help.
0
 
LVL 1

Author Comment

by:rbichon
ID: 22720913
Using the Get-ExchangeCertificate command turned out to be an absolutely crucial step. After installing the cert I ran that command and found that the cert was not being used for SMTP or IIS. I used Enable-ExchangeCertificate to enable both of those services on the new cert before removing the other certs. If I hadn't done that first, several Exchange services would have been affected and I would have had no idea why. Thanks!
0
 
LVL 11

Expert Comment

by:Bertling
ID: 22720939
no probs! thanks for the feedback
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now