Solved

issue a wildcard certificate using Microsoft CA

Posted on 2010-09-08
3
2,529 Views
Last Modified: 2012-05-10
I am trying to use Windows Certificate Authority to complete a wildcard certificate request I generated using exchange 2010.  Exchange and the CA services are both installed on the same server, Server 2008 64 bit.  I've tried doing it through IIS 7 as well as through the certificate authority (administrative tools).

I always get an error ASN1 Bad Tag Value met when i try to complete the request.  I've read other articles that say to ignore this error and the certificate will still complete, however with exchange 2010 and server 2008 this doesn't seem to be the case.  I can't find a completed request on my server and the console in CA doesn't show any certificates under issued/failed/pending, etc.

I am trying to use this article

http://exchangeshell.wordpress.com/2009/09/20/create-ucc-san-private-ca-issued-certificate-to-replace-self-signed-certificate-exchange-2007/

I am going to go through it right from the start, but i think it is still going to give me that same error.
0
Comment
Question by:DaveHFry
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Accepted Solution

by:
DaveHFry earned 0 total points
ID: 33630985
I was able to complete my certificate request using an IE interface on a different computer in my network.  I used the web interface to create a .cer file and then loaded it back into my server.

This video was a huge help:

http://www.msexchange.org/articles_tutorials/videos/exchange-server-2010/video-certificate-wizard-Exchange-2010.html

Now when I run the Exchange connectivity test, it says:

"The certificate chain couldn't be built. You may be missing required intermediate certificates."

I am working on this right now
0
 
LVL 37

Expert Comment

by:Jian An Lim
ID: 33634253
I have done this via http://lor-sinclair.spaces.live.com/blog/cns!F891FBE915CCE8EE!515.entry

the next thing i also need you to make sureis that your root CA certificate is located in your trust root certificateion authorities.



0
 

Author Closing Comment

by:DaveHFry
ID: 34463328
I found that article after posting the question, it is the answer
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question