masdf123
asked on
Exchange 2007 sp3 SSL Certificate
Hi,
Using Server 2003 r2, exchange 2007 sp3
I have a multi domain certificate from global sign.
I saved the file as cert.crt in c:\
After executing import-exchangecertificate -path c:\cert.crt
And then Enable-ExchangeCertificate -thumbprint [thumprint] -services "smtp,iis,pop,imap"
This didn't work as it kept saying certificate not found.
So I removed the thumbprint.
Now when I try get-exchangecertificate, I dont see any cert, except the local one.
And if I try to import the certificate again it keeps telling me thumprint already there:
Import-ExchangeCertificate : Cannot import as there already is a certificate wi
th a thumbprint of thumbprint..
At line:1 char:27
+ Import-ExchangeCertificate <<<< -Path c:\cert.cer
+ CategoryInfo : WriteError: (0:Int32) [Import-ExchangeCertificat
e], ImportCertificateAlreadyEx istsExcept ion
+ FullyQualifiedErrorId : 34ABAC30,Microsoft.Exchang e.Manageme nt.SystemC on
figurationTasks.ImportExch angeCertif icate
Please help.
Using Server 2003 r2, exchange 2007 sp3
I have a multi domain certificate from global sign.
I saved the file as cert.crt in c:\
After executing import-exchangecertificate
And then Enable-ExchangeCertificate
This didn't work as it kept saying certificate not found.
So I removed the thumbprint.
Now when I try get-exchangecertificate, I dont see any cert, except the local one.
And if I try to import the certificate again it keeps telling me thumprint already there:
Import-ExchangeCertificate
th a thumbprint of thumbprint..
At line:1 char:27
+ Import-ExchangeCertificate
+ CategoryInfo : WriteError: (0:Int32) [Import-ExchangeCertificat
e], ImportCertificateAlreadyEx
+ FullyQualifiedErrorId : 34ABAC30,Microsoft.Exchang
figurationTasks.ImportExch
Please help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi,
Refer this:
https://www.experts-exchange.com/questions/23284786/Import-ExchangeCertificate-throws-error-won't-allow-third-part-cert.html
Hope this helps,
Shree
Refer this:
https://www.experts-exchange.com/questions/23284786/Import-ExchangeCertificate-throws-error-won't-allow-third-part-cert.html
Hope this helps,
Shree
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
here is a link for creating the certificate
http://msexchangeteam.com/archive/2007/02/19/435472.aspx
http://msexchangeteam.com/archive/2007/02/19/435472.aspx
ASKER
Private key is there.
Should I remove the cert from there?
Should I remove the cert from there?
ASKER
I removed it from there, reimported (which worked)
While enabling I get the following:
Enable-ExchangeCertificate : The certificate with thumbprint thumbprint was found but is not valid for use with Exchange Server
(reason: PrivateKeyMissing).
While enabling I get the following:
Enable-ExchangeCertificate
(reason: PrivateKeyMissing).
run the cmdlet
get-exchangecertificate | fl
grab the thumbprint from the results for your certificate
get-exchangecertificate | fl
grab the thumbprint from the results for your certificate
ASKER
Actually that was public key.
Private key isn't under details of the certificate in mmc.
So what do I tell the cert authority?
Private key isn't under details of the certificate in mmc.
So what do I tell the cert authority?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
my csr was created with -PrivateKeyExportable:$tru e originally.
What should global know to create the right cert?
What should global know to create the right cert?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Now under get-exchangexcertificate that thumprint is not present.