Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Problems installing (and using) U.C.C. (SAN) certificate with Exchange 2007

Posted on 2010-08-25
7
Medium Priority
?
378 Views
Last Modified: 2012-05-10
I am having a problem using a newly-purchased Godaddy UCC Certificate.  I went through the normal process of generating the request, etc...

Long story short: I have imported the certificate onto the server and added it to Exchange (with SMTP,POP,IIS,IMAP for the installed services.)  It asked me if I wanted to overwrite the previous certificate and I chose "y" for "Yes" (duh) however the old certificate which is also disabled for all services is still showing up as the current cert when I try to test the certificate.

Yes, I have restarted IIS and Exchange.  (Did not help)

It looks like (below) that two certs are configured for the same services (the Godaddy one and the self-generated one)

The FIRST certificate listed below (E89F...) is the Godaddy cert that I want to use.

[PS] C:\Windows\System32>get-exchangecertificate

Thumbprint                                Services   Subject
----------                                --------   -------
E89F38CA7D91CCC78C214A951AFF3624FC688E91  IP.WS      CN=remote.domain.com, O...
16D96EF84F27808E705D0BFA36BF726FD5C9CA02  .....      C=US, S=Georgia, L=Some..
B99A2C38F46F2004A89E2604E212FA8BC588D795  .....      C=US, S=Georgia, L=Some...
5D39D4E7CC21EF829D7603351225046B2AE2A9F6  .....      C=US, S=Georgia, L=Some...
24AB1CC7FA72DD8F81214BB8F0C53FF5979EAA98  .....      C=US, S=Georgia, L=Some...
72AE3C32E55F7A6157E104708C2EDC7995E7C86F  IP.WS      CN=remote.domain.com
94E1CFF5D654959310E8B4B8BA49FD6D05BBB61D  .....      CN=WMSvc-WIN-OQ0B0X3O644
53FB184CADA06C373AFCC8041AE6F3F63BD4F494  ....S      CN=ACCO-SS.domain.local
9E062B36717F306766F9607E276459D0470416FE  ....S      CN=Sites
24A4DCF4EDAB19546AEFDBC6D5A0F070E17981F5  .....      CN=acco-ACCO-SS-CA

I've also tried using www.testexchangeconnectivity.com to no avail.

I am not sure what I'm missing here.

At this point, I would make this question 500k points if I could :~)
0
Comment
Question by:PC-Gear
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 33528623
Hi,

Refer this article:
http://help.godaddy.com/article/4877

Hope this helps,
Shree
0
 
LVL 8

Expert Comment

by:beechy_
ID: 33529211
enable-exchangecertificate -thumbprint "thumbprint of old cert you want to remove" -services none
0
 
LVL 19

Accepted Solution

by:
R--R earned 2000 total points
ID: 33529622
Check in the IIS if you have bind the imported certificate. If not then bind it.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 19

Expert Comment

by:R--R
ID: 33529629
0
 
LVL 5

Expert Comment

by:DanMar
ID: 33530058
Hi PcGear,
I have followed this wizard with full instructions and never had an issue:
https://www.digicert.com/easy-csr/exchange2007.htm
Full Shell commands listed etc. Let us know how you go?
0
 

Author Closing Comment

by:PC-Gear
ID: 33531436
Ahhh.  It was still bound to the other one in IIS.  I had only removed the services for the certificate.  
0
 

Author Comment

by:PC-Gear
ID: 33531546
Thanks R--R.

And thanks for all of the quick reponses.

Now the only other problem I'm having is regarding RPC:

This excerpt is from: www.testexchangeconnectivity.com:

Attempting to Ping RPC Proxy remote.domain.com
  RPC Proxy can't be pinged.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown

I guess I'll post this again in the proper forum.




0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question