Link to home
Start Free TrialLog in
Avatar of jdfuller
jdfullerFlag for United States of America

asked on

Server 2008 R2 with Exchange 2010 : Certificate Install Error

I have a clean Server 2008 R2 with Exchange 2010 going on it.  Everything hunky dory in pre-requisites but when installed it fails on Network Services, bad thumbprint.   See below dump...

=============
Management Tools
Completed

Elapsed Time: 00:00:09


Hub Transport Role
Completed

Elapsed Time: 00:04:21


Client Access Role
Failed

Error:
The following error was generated when "$error.Clear(); Install-ExchangeCertificate -services "IIS, POP, IMAP" -DomainController $RoleDomainController" was run: "Could not grant Network Service access to the certificate with thumbprint 50BBE9D6844D16E636E33A78389D2EFFDB584672 because a cryptographic exception was thrown.".

Could not grant Network Service access to the certificate with thumbprint 50BBE9D6844D16E636E33A78389D2EFFDB584672 because a cryptographic exception was thrown.

Access is denied.


Elapsed Time: 00:01:40


Mailbox Role
Cancelled




Finalizing Setup
Cancelled



ASKER CERTIFIED SOLUTION
Avatar of Akhater
Akhater
Flag of Lebanon image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jdfuller
jdfuller
Flag of United States of America image

ASKER

Bingo!  Akhater...

Answer from a TechNet posting - here for reference because I didn't find an answer on EE and in case someone else has this issue.  Key here is to use the Local Computer Account during snap-in construction.

Thank you for this post!  I can confirm as well that this indeed works!  I have a new 2008 R2 server (DC) running Exchange 2010, and this is what helped me get past that horrid error.  For me, the key was to look through my certificates until I found the one that had the thumbprint code that matched what was in the error message, and then move that certificate to the Trusted Root Certification Authorities folder.
--------------------------------------------------------------------------------
MCSE, MCSA, CCNA, A+
Avatar of jdfuller
jdfuller
Flag of United States of America image

ASKER

FAST!!  Thanks.  I used the answer I found on TechNet but right after the install completed I saw Akhater's answer.  Nice reponse time - you get the jellybeans, dude!
Avatar of Akhater
Akhater
Flag of Lebanon image
Glad to know it worked and thanks for the points

Avatar of affinity-systems
affinity-systems
Flag of Australia image
Thanks. Well done....
Avatar of Firoj Khan
Firoj Khan
Flag of India image
Hi Akhtar, I did try the above,
i found 3 certificate in local i have removed the (servername) to trusted .. and then tried to install it .. but failed.