PC-Gear
asked on
Problems installing (and using) U.C.C. (SAN) certificate with Exchange 2007
I am having a problem using a newly-purchased Godaddy UCC Certificate. I went through the normal process of generating the request, etc...
Long story short: I have imported the certificate onto the server and added it to Exchange (with SMTP,POP,IIS,IMAP for the installed services.) It asked me if I wanted to overwrite the previous certificate and I chose "y" for "Yes" (duh) however the old certificate which is also disabled for all services is still showing up as the current cert when I try to test the certificate.
Yes, I have restarted IIS and Exchange. (Did not help)
It looks like (below) that two certs are configured for the same services (the Godaddy one and the self-generated one)
The FIRST certificate listed below (E89F...) is the Godaddy cert that I want to use.
[PS] C:\Windows\System32>get-ex changecert ificate
Thumbprint Services Subject
---------- -------- -------
E89F38CA7D91CCC78C214A951A FF3624FC68 8E91 IP.WS CN=remote.domain.com, O...
16D96EF84F27808E705D0BFA36 BF726FD5C9 CA02 ..... C=US, S=Georgia, L=Some..
B99A2C38F46F2004A89E2604E2 12FA8BC588 D795 ..... C=US, S=Georgia, L=Some...
5D39D4E7CC21EF829D76033512 25046B2AE2 A9F6 ..... C=US, S=Georgia, L=Some...
24AB1CC7FA72DD8F81214BB8F0 C53FF5979E AA98 ..... C=US, S=Georgia, L=Some...
72AE3C32E55F7A6157E104708C 2EDC7995E7 C86F IP.WS CN=remote.domain.com
94E1CFF5D654959310E8B4B8BA 49FD6D05BB B61D ..... CN=WMSvc-WIN-OQ0B0X3O644
53FB184CADA06C373AFCC8041A E6F3F63BD4 F494 ....S CN=ACCO-SS.domain.local
9E062B36717F306766F9607E27 6459D04704 16FE ....S CN=Sites
24A4DCF4EDAB19546AEFDBC6D5 A0F070E179 81F5 ..... CN=acco-ACCO-SS-CA
I've also tried using www.testexchangeconnectivity.com to no avail.
I am not sure what I'm missing here.
At this point, I would make this question 500k points if I could :~)
Long story short: I have imported the certificate onto the server and added it to Exchange (with SMTP,POP,IIS,IMAP for the installed services.) It asked me if I wanted to overwrite the previous certificate and I chose "y" for "Yes" (duh) however the old certificate which is also disabled for all services is still showing up as the current cert when I try to test the certificate.
Yes, I have restarted IIS and Exchange. (Did not help)
It looks like (below) that two certs are configured for the same services (the Godaddy one and the self-generated one)
The FIRST certificate listed below (E89F...) is the Godaddy cert that I want to use.
[PS] C:\Windows\System32>get-ex
Thumbprint Services Subject
---------- -------- -------
E89F38CA7D91CCC78C214A951A
16D96EF84F27808E705D0BFA36
B99A2C38F46F2004A89E2604E2
5D39D4E7CC21EF829D76033512
24AB1CC7FA72DD8F81214BB8F0
72AE3C32E55F7A6157E104708C
94E1CFF5D654959310E8B4B8BA
53FB184CADA06C373AFCC8041A
9E062B36717F306766F9607E27
24A4DCF4EDAB19546AEFDBC6D5
I've also tried using www.testexchangeconnectivity.com to no avail.
I am not sure what I'm missing here.
At this point, I would make this question 500k points if I could :~)
enable-exchangecertificate -thumbprint "thumbprint of old cert you want to remove" -services none
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi PcGear,
I have followed this wizard with full instructions and never had an issue:
https://www.digicert.com/easy-csr/exchange2007.htm
Full Shell commands listed etc. Let us know how you go?
I have followed this wizard with full instructions and never had an issue:
https://www.digicert.com/easy-csr/exchange2007.htm
Full Shell commands listed etc. Let us know how you go?
ASKER
Ahhh. It was still bound to the other one in IIS. I had only removed the services for the certificate.
ASKER
Thanks R--R.
And thanks for all of the quick reponses.
Now the only other problem I'm having is regarding RPC:
This excerpt is from: www.testexchangeconnectivity.com:
Attempting to Ping RPC Proxy remote.domain.com
RPC Proxy can't be pinged.
Additional Details
A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown
I guess I'll post this again in the proper forum.
And thanks for all of the quick reponses.
Now the only other problem I'm having is regarding RPC:
This excerpt is from: www.testexchangeconnectivity.com:
Attempting to Ping RPC Proxy remote.domain.com
RPC Proxy can't be pinged.
Additional Details
A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown
I guess I'll post this again in the proper forum.
Refer this article:
http://help.godaddy.com/article/4877
Hope this helps,
Shree