Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Unable to Generate Certificate Request in Exchange 2007

Posted on 2009-05-02
3
Medium Priority
?
1,383 Views
Last Modified: 2012-05-06
I am trying to generate a certificate request via the cmdlet in Exchange Server 2007 SP1 running on Windows Server 2008 Standard. I'm logged in as the domain Administrator. The request, which I am running on a stand-alone Exchange Server (i.e., no separate Edge server) is as follows:

New-ExchangeCertificate -Confirm  -DomainController dc1.mydomain.com
                                         -DomainName mail1.myserver.net,mail.myserver.net,dc1.mydomain.local
                                         -GenerateRequest:$True   -Path C:\Certificates\Exchange.req -PrivateKeyExportable:$true
                                         -SubjectName "c=us, o=My Company, CN=mail1.justdns.net"   -Force

The error is:

New-ExchangeCertificate : This operation can only be performed locally on a Microsoft Exchange server that has the Edge Transport, Hub Transport, Client Access, or Unified Messaging server role installed.  Please log on locally to a Microsoft Exchange server that has one of the supported server roles installed and perform this operation again.
At line:1 char:24
+ New-ExchangeCertificate  <<<< -Confirm  -DomainController dc1.mydomain.com -DomainName mail1.myserver.net,mail.myserver.net,dc1.mydomain.local  -Gener
ateRequest:$True -Path C:\Certificates\Exchange.req -PrivateKeyExportable:$true -SubjectName "c=us, o=Social Motion, CN=mail1.myserver.net"  -Force

This server is also the domain controller for the domain. Please note that this is a Certificate Request for Secure SMTP with mulitiple domains, so using IIS is not the solution.  Any thoughts on how to get this request to work properly? Thank you.

REFERENCES:
  -  http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_24065528.html   { problem caused by different reasons }
  -  http://www.ditii.com/2007/04/14/exchange-2007-generating-a-certificate-with-a-3rd-party-ca/   { seems I'm doing the same thing?  }
  -  http://technet.microsoft.com/en-us/library/aa998327.aspx   { command syntax  }
  -  http://technet.microsoft.com/en-us/library/aa998840.aspx  {  Creating a Certificate or Certificate Request for TLS  }



0
Comment
Question by:lesterw2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 9

Expert Comment

by:Raghuv
ID: 24289139
Hi, most of the parameters you have used on the above Certificate request command is not necessary.

I normally use the website (https://www.digicert.com/easy-csr/exchange2007.htm) to create the shell
command for me. it's pretty simple.

PS: Under "Subject Alternative Names", you can enter the multiple domain names.

Give it a try and let us know if you are still having issues
0
 
LVL 3

Accepted Solution

by:
Girish_2500 earned 2000 total points
ID: 24289919
hi,

try removing few parameters. for example try following command

New-ExchangeCertificate      -DomainName mail1.myserver.net,mail.myserver.net,dc1.mydomain.local        -GenerateRequest:$True   -Path "C:\Certificates\Exchange.req" -PrivateKeyExportable:$true                  -SubjectName "c=us, o=My Company, CN=mail1.justdns.net"  

I this should work for you.

0
 
LVL 1

Author Closing Comment

by:lesterw2
ID: 31577259
That did the trick! Seems the -DomainController parameter causes the problem! Thank you!
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question