loniadmin
asked on
Cert seems to be installed, but not working
I have two servers who are load balanced and share a hostname webmail.mydomain.com. Since the cert was about to expire, I ran the renew wizard in IIS and renewed the cert through VeriSign. Everything worked great on the server that I did the renewal from, however, I am having huge issues applying this cert to the second server.
At first I tried doing IIS wizard to copy the cert from the working node and that gave me the general error Server execution failed. After that failed, I used IIS to export the cert /private key/intermediate key, then I moved the .pfx file over to the second box, and installed the .pfx file. However, when I looked at the certificates mmc the cert did not show up in Local Computer cert tree, it was only under the Current User cert tree. I then copied it over to Certificates (Local Computer) à Personalà Certificates so I could import it into IIS.
At this point I did a replace the current certificate in IIS and chose the cert I just installed. This seemed to go ok and running View Certificate showed that everything was ok. However, when I go to the website this cert is active for nothing shows up. Moreover, in exchange 2007 when I restart the POP3 servers it states:
A certificate for the host name "webmail.mydomain.com " could not be found. SSL or TLS encryption cannot be made to the POP3 service.
Therefore, even though it is installed, IIS and exchange are not accepting it. With regards to exchange I even ran the command:
Enable-ExchangeCertificate
To see if that would get POP3 working. No success. Anyone have direction they could provide?
Thanks!
At first I tried doing IIS wizard to copy the cert from the working node and that gave me the general error Server execution failed. After that failed, I used IIS to export the cert /private key/intermediate key, then I moved the .pfx file over to the second box, and installed the .pfx file. However, when I looked at the certificates mmc the cert did not show up in Local Computer cert tree, it was only under the Current User cert tree. I then copied it over to Certificates (Local Computer) à Personalà Certificates so I could import it into IIS.
At this point I did a replace the current certificate in IIS and chose the cert I just installed. This seemed to go ok and running View Certificate showed that everything was ok. However, when I go to the website this cert is active for nothing shows up. Moreover, in exchange 2007 when I restart the POP3 servers it states:
A certificate for the host name "webmail.mydomain.com " could not be found. SSL or TLS encryption cannot be made to the POP3 service.
Therefore, even though it is installed, IIS and exchange are not accepting it. With regards to exchange I even ran the command:
Enable-ExchangeCertificate
To see if that would get POP3 working. No success. Anyone have direction they could provide?
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
done.
ASKER