jdfuller
asked on
Server 2008 R2 with Exchange 2010 : Certificate Install Error
I have a clean Server 2008 R2 with Exchange 2010 going on it. Everything hunky dory in pre-requisites but when installed it fails on Network Services, bad thumbprint. See below dump...
=============
Management Tools
Completed
Elapsed Time: 00:00:09
Hub Transport Role
Completed
Elapsed Time: 00:04:21
Client Access Role
Failed
Error:
The following error was generated when "$error.Clear(); Install-ExchangeCertificat e -services "IIS, POP, IMAP" -DomainController $RoleDomainController" was run: "Could not grant Network Service access to the certificate with thumbprint 50BBE9D6844D16E636E33A7838 9D2EFFDB58 4672 because a cryptographic exception was thrown.".
Could not grant Network Service access to the certificate with thumbprint 50BBE9D6844D16E636E33A7838 9D2EFFDB58 4672 because a cryptographic exception was thrown.
Access is denied.
Elapsed Time: 00:01:40
Mailbox Role
Cancelled
Finalizing Setup
Cancelled
=============
Management Tools
Completed
Elapsed Time: 00:00:09
Hub Transport Role
Completed
Elapsed Time: 00:04:21
Client Access Role
Failed
Error:
The following error was generated when "$error.Clear(); Install-ExchangeCertificat
Could not grant Network Service access to the certificate with thumbprint 50BBE9D6844D16E636E33A7838
Access is denied.
Elapsed Time: 00:01:40
Mailbox Role
Cancelled
Finalizing Setup
Cancelled
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
FAST!! Thanks. I used the answer I found on TechNet but right after the install completed I saw Akhater's answer. Nice reponse time - you get the jellybeans, dude!
Glad to know it worked and thanks for the points
Thanks. Well done....
Hi Akhtar, I did try the above,
i found 3 certificate in local i have removed the (servername) to trusted .. and then tried to install it .. but failed.
i found 3 certificate in local i have removed the (servername) to trusted .. and then tried to install it .. but failed.
ASKER
Answer from a TechNet posting - here for reference because I didn't find an answer on EE and in case someone else has this issue. Key here is to use the Local Computer Account during snap-in construction.
Thank you for this post! I can confirm as well that this indeed works! I have a new 2008 R2 server (DC) running Exchange 2010, and this is what helped me get past that horrid error. For me, the key was to look through my certificates until I found the one that had the thumbprint code that matched what was in the error message, and then move that certificate to the Trusted Root Certification Authorities folder.
--------------------------
MCSE, MCSA, CCNA, A+