Solved

Problems installing (and using) U.C.C. (SAN) certificate with Exchange 2007

Posted on 2010-08-25
7
365 Views
Last Modified: 2012-05-10
I am having a problem using a newly-purchased Godaddy UCC Certificate.  I went through the normal process of generating the request, etc...

Long story short: I have imported the certificate onto the server and added it to Exchange (with SMTP,POP,IIS,IMAP for the installed services.)  It asked me if I wanted to overwrite the previous certificate and I chose "y" for "Yes" (duh) however the old certificate which is also disabled for all services is still showing up as the current cert when I try to test the certificate.

Yes, I have restarted IIS and Exchange.  (Did not help)

It looks like (below) that two certs are configured for the same services (the Godaddy one and the self-generated one)

The FIRST certificate listed below (E89F...) is the Godaddy cert that I want to use.

[PS] C:\Windows\System32>get-exchangecertificate

Thumbprint                                Services   Subject
----------                                --------   -------
E89F38CA7D91CCC78C214A951AFF3624FC688E91  IP.WS      CN=remote.domain.com, O...
16D96EF84F27808E705D0BFA36BF726FD5C9CA02  .....      C=US, S=Georgia, L=Some..
B99A2C38F46F2004A89E2604E212FA8BC588D795  .....      C=US, S=Georgia, L=Some...
5D39D4E7CC21EF829D7603351225046B2AE2A9F6  .....      C=US, S=Georgia, L=Some...
24AB1CC7FA72DD8F81214BB8F0C53FF5979EAA98  .....      C=US, S=Georgia, L=Some...
72AE3C32E55F7A6157E104708C2EDC7995E7C86F  IP.WS      CN=remote.domain.com
94E1CFF5D654959310E8B4B8BA49FD6D05BBB61D  .....      CN=WMSvc-WIN-OQ0B0X3O644
53FB184CADA06C373AFCC8041AE6F3F63BD4F494  ....S      CN=ACCO-SS.domain.local
9E062B36717F306766F9607E276459D0470416FE  ....S      CN=Sites
24A4DCF4EDAB19546AEFDBC6D5A0F070E17981F5  .....      CN=acco-ACCO-SS-CA

I've also tried using www.testexchangeconnectivity.com to no avail.

I am not sure what I'm missing here.

At this point, I would make this question 500k points if I could :~)
0
Comment
Question by:PC-Gear
7 Comments
 
LVL 34

Expert Comment

by:Shreedhar Ette
ID: 33528623
Hi,

Refer this article:
http://help.godaddy.com/article/4877

Hope this helps,
Shree
0
 
LVL 8

Expert Comment

by:beechy_
ID: 33529211
enable-exchangecertificate -thumbprint "thumbprint of old cert you want to remove" -services none
0
 
LVL 19

Accepted Solution

by:
R--R earned 500 total points
ID: 33529622
Check in the IIS if you have bind the imported certificate. If not then bind it.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 19

Expert Comment

by:R--R
ID: 33529629
0
 
LVL 5

Expert Comment

by:DanMar
ID: 33530058
Hi PcGear,
I have followed this wizard with full instructions and never had an issue:
https://www.digicert.com/easy-csr/exchange2007.htm
Full Shell commands listed etc. Let us know how you go?
0
 

Author Closing Comment

by:PC-Gear
ID: 33531436
Ahhh.  It was still bound to the other one in IIS.  I had only removed the services for the certificate.  
0
 

Author Comment

by:PC-Gear
ID: 33531546
Thanks R--R.

And thanks for all of the quick reponses.

Now the only other problem I'm having is regarding RPC:

This excerpt is from: www.testexchangeconnectivity.com:

Attempting to Ping RPC Proxy remote.domain.com
  RPC Proxy can't be pinged.
   Additional Details
  A Web Exception occurred because an HTTP 401 - Unauthorized response was received from Unknown

I guess I'll post this again in the proper forum.




0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question