Enable-Exchange certificate fails with PrivateKeyMissing error
Posted on 2008-10-17
I received my certificates from GoDaddy this morning. Both certificates installed without issue on my Windows 2008/Exchange 2007 Client Access Server.
When I issued the "enable-exchange-certificate -thumbprint xxxxxxxxxxxxxxxxxxxxxxxx -services "IIS,IMAP,POP,SMTP" command it fails with the following:
Enable-ExchangeCertificate : The certificate with thumbprint xxxxxxxxxxxxx was found but is not for use with Exchange Server (reason: PrivateKeyMissing).
My research consistently states I need to run the certutil -repairstore my "<thumbprint>" command.
When I do, the "Insert Smart Card" window pops up. As I am not using Smart Cards, all I can do is hit "Cancel". Once I do that, the following error occurs:
================ Certificate 0 ================
Serial Number: e06648
Issuer: SERIALNUMBER=111111111, CN=Go Daddy Secure Certification Authority, OU=ht
tp://certificates.godaddy.com/repository, O=GoDaddy.com, Inc., L=Scottsdale, S=A
NotBefore: 10/17/2008 10:13 AM
NotAfter: 10/17/2009 10:13 AM
Subject: OU=Domain Control Validated, CN=abc.edu, O=test.abc.edu
Cert Hash(sha1): xxxxxxxxxxxxxxxxxxxxxx
No key provider information
Cannot find the certificate and private key for decryption.
CertUtil: -repairstore command FAILED: 0x80090010 (-2146893808)
CertUtil: Access denied.
I'm stumped...any and all help is appreciated. I'm not particularly strong in certificates.