Replace a expired SSL Certificate for Exchange by a selfcertificated
Posted on 2010-03-23
We use a single Exchange 2007 Enterprise on Windows server 2008 x64
We had a SSL certificate that expired last week. The OWA clients gets a warning (but can access) and ActiveSync clients don't work.
We don't want to renew the certificate and want to create a selfcertificate one, using exchange powershell. The certificate is created and I can see it in IIS certificates, the OWA clients can access webmail (they get a warning of non secure certificate). But active sync clients don't work. They get a "non valid certificate error" 0x80072F0D. Outlook 2007 get an error too, but work. Outlook 2003 don't work, they can't connect to server.
Have I missed something?
I use this command to create the certificate:
New-ExchangeCertificate -DomainName "mail.secdor.com", "exchange" -Services "IIS"
"mail.secdor.com" is the external name of our webmail. "exchange" is the internal name of our exchange server.