Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Installing a Security Certificate for Exchange 2007 still shows original self signed certificate.

Posted on 2008-10-15
2
Medium Priority
?
1,239 Views
Last Modified: 2012-05-05
We processed and received back a Security Certificate for our Exchange Server.

Since installing per instructions the exchange server still links to the original self-signed certificate - which it shouldn't!

From outside we use webmail.domain.com to access the server (via OWA)
Internally we use servername.netbiosdomainname.local

This is the layout of the issued certificate

Primary domain name = domain.com

Sans list

1 - servername.netbiosdomainname.local
2 - domain.com
3 - webmail.domain.com


Should we have: 4 - servername (by itself)?

By running the below in powershell:
C:\>Get-ExchangeCertificate -DomainName servername.netbiosdomainname.local

It comes up with

print                                Services   Subject
-----                                --------   -------
C630********328E5342FF66D98A621BC0E  ..U..      CN=domainname.com
05E********BABE77335455321F7FF1498  IPUWS      CN=servername
4A821D31FE********73A8759E44B972BDA  IPU.S      CN=servername

0
Comment
Question by:kiwistag
2 Comments
 
LVL 16

Accepted Solution

by:
BBRazz earned 2000 total points
ID: 22726825
Seems like the certificate has not been enabled for the services they n

Enabling the Exchange Certificate

Enable-ExchangeCertificate -thumb 484152332E6CD3F9864CEB933BC64867DF29BB0B Services IIS, SMTP, POP, IMAP

If you now look at OWA, you will see the newly assigned Certificate running on Site.

As good housekeeping, it would be good practice to remove the un-neccesary certificates to aid easier administration at a later date.eed to use.

-BBRazz
0
 
LVL 6

Author Comment

by:kiwistag
ID: 22736166
Yippee!!!!!!

Thanks - will e-mail Comodo to let them know what the issue was.

Their instructions stated:
Import-ExchangeCertificate -Path c:\exchange.comodo.com.crt | Enable-ExchangeCertificate -Services "SMTP, POP, IMAP, IIS"

Which obviously doesn't allow a force overwriting of the certificate assigned.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
Steps to fix error: “Couldn’t mount the database that you specified. Specified database: HU-DB; Error code: An Active Manager operation fail”
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question