Solved

Problem importing Exchange 2010 SSL Cert

Posted on 2010-09-16
5
714 Views
Last Modified: 2012-05-10
I bought a SAN/UCC Cert.  I am having trouble importing on my Exchange 2010 box.  I generated the CSR from my Office Communications Server.  I was able to successfully install the cert on that server.  I am now trying to install it in Exchange.  

I went through EMC, Server Config, selected server, and imported the certificate there.  The problem is that it doesnt show up in EMC where I would then be able to assign it to the services.  

I ran this command Get-ExchangeCertificate in EMS and it doesnt show up there.  The cert is showing up in MMC/Personal Store Certificates though.

I also attempted to re-import through EMC and it says it already exists.

Any help would be very much appreciated.  Thanks.
0
Comment
Question by:obautista
5 Comments
 
LVL 9

Expert Comment

by:v_9mhdrf
ID: 33698441
Please assign the certificate in IIS 7. you have a option there as Server Certificates, where you can remove and assign the certificates.

Please check out. Hope this helps!

Thanks.
Mohammed
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 33698748
what you did wrong is that you are trying to import the file you have downloaded

what you should do is the following

   1. on the OCS server
          * Start run mmc
          * File add/remove snap-ins
          * certificates -> computer certiciates -> local computer
          * Open the personal certificate store and export the certificate you have just imported
          * when prompted say you want to include the Private Keys and make sure NOT to select to delete them after export
          * while doing so you will be asked to input a password put one
          * copy the PFX file to the exchange server
   2. On the exchange server
          * Delete the certificate you had previously imported
          * import the one you have just exported
          * be happy

Cheers
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33699614
On the MMC, do  you see the pvt. key on those certs?

If No, want to try the following commands:
1. certutil -addstore my cert.cer
2. certutil -repairstore my "<Thumb Print>"(of the new cert) and you should get the PVT key
0
 

Author Comment

by:obautista
ID: 33700158
Thanks so much.  The instructions AKHATER gave worked like a charm.  Thanks again...
0
 

Author Closing Comment

by:obautista
ID: 33700160
Thanks
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now