Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Installing a Security Certificate for Exchange 2007 still shows original self signed certificate.

Posted on 2008-10-15
2
Medium Priority
?
1,237 Views
Last Modified: 2012-05-05
We processed and received back a Security Certificate for our Exchange Server.

Since installing per instructions the exchange server still links to the original self-signed certificate - which it shouldn't!

From outside we use webmail.domain.com to access the server (via OWA)
Internally we use servername.netbiosdomainname.local

This is the layout of the issued certificate

Primary domain name = domain.com

Sans list

1 - servername.netbiosdomainname.local
2 - domain.com
3 - webmail.domain.com


Should we have: 4 - servername (by itself)?

By running the below in powershell:
C:\>Get-ExchangeCertificate -DomainName servername.netbiosdomainname.local

It comes up with

print                                Services   Subject
-----                                --------   -------
C630********328E5342FF66D98A621BC0E  ..U..      CN=domainname.com
05E********BABE77335455321F7FF1498  IPUWS      CN=servername
4A821D31FE********73A8759E44B972BDA  IPU.S      CN=servername

0
Comment
Question by:kiwistag
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 16

Accepted Solution

by:
BBRazz earned 2000 total points
ID: 22726825
Seems like the certificate has not been enabled for the services they n

Enabling the Exchange Certificate

Enable-ExchangeCertificate -thumb 484152332E6CD3F9864CEB933BC64867DF29BB0B Services IIS, SMTP, POP, IMAP

If you now look at OWA, you will see the newly assigned Certificate running on Site.

As good housekeeping, it would be good practice to remove the un-neccesary certificates to aid easier administration at a later date.eed to use.

-BBRazz
0
 
LVL 6

Author Comment

by:kiwistag
ID: 22736166
Yippee!!!!!!

Thanks - will e-mail Comodo to let them know what the issue was.

Their instructions stated:
Import-ExchangeCertificate -Path c:\exchange.comodo.com.crt | Enable-ExchangeCertificate -Services "SMTP, POP, IMAP, IIS"

Which obviously doesn't allow a force overwriting of the certificate assigned.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question