Solved

Installing a Security Certificate for Exchange 2007 still shows original self signed certificate.

Posted on 2008-10-15
2
1,176 Views
Last Modified: 2012-05-05
We processed and received back a Security Certificate for our Exchange Server.

Since installing per instructions the exchange server still links to the original self-signed certificate - which it shouldn't!

From outside we use webmail.domain.com to access the server (via OWA)
Internally we use servername.netbiosdomainname.local

This is the layout of the issued certificate

Primary domain name = domain.com

Sans list

1 - servername.netbiosdomainname.local
2 - domain.com
3 - webmail.domain.com


Should we have: 4 - servername (by itself)?

By running the below in powershell:
C:\>Get-ExchangeCertificate -DomainName servername.netbiosdomainname.local

It comes up with

print                                Services   Subject
-----                                --------   -------
C630********328E5342FF66D98A621BC0E  ..U..      CN=domainname.com
05E********BABE77335455321F7FF1498  IPUWS      CN=servername
4A821D31FE********73A8759E44B972BDA  IPU.S      CN=servername

0
Comment
Question by:kiwistag
2 Comments
 
LVL 16

Accepted Solution

by:
BBRazz earned 500 total points
ID: 22726825
Seems like the certificate has not been enabled for the services they n

Enabling the Exchange Certificate

Enable-ExchangeCertificate -thumb 484152332E6CD3F9864CEB933BC64867DF29BB0B Services IIS, SMTP, POP, IMAP

If you now look at OWA, you will see the newly assigned Certificate running on Site.

As good housekeeping, it would be good practice to remove the un-neccesary certificates to aid easier administration at a later date.eed to use.

-BBRazz
0
 
LVL 6

Author Comment

by:kiwistag
ID: 22736166
Yippee!!!!!!

Thanks - will e-mail Comodo to let them know what the issue was.

Their instructions stated:
Import-ExchangeCertificate -Path c:\exchange.comodo.com.crt | Enable-ExchangeCertificate -Services "SMTP, POP, IMAP, IIS"

Which obviously doesn't allow a force overwriting of the certificate assigned.
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now