Solved

Problem importing Exchange 2010 SSL Cert

Posted on 2010-09-16
5
726 Views
Last Modified: 2012-05-10
I bought a SAN/UCC Cert.  I am having trouble importing on my Exchange 2010 box.  I generated the CSR from my Office Communications Server.  I was able to successfully install the cert on that server.  I am now trying to install it in Exchange.  

I went through EMC, Server Config, selected server, and imported the certificate there.  The problem is that it doesnt show up in EMC where I would then be able to assign it to the services.  

I ran this command Get-ExchangeCertificate in EMS and it doesnt show up there.  The cert is showing up in MMC/Personal Store Certificates though.

I also attempted to re-import through EMC and it says it already exists.

Any help would be very much appreciated.  Thanks.
0
Comment
Question by:obautista
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 9

Expert Comment

by:v_9mhdrf
ID: 33698441
Please assign the certificate in IIS 7. you have a option there as Server Certificates, where you can remove and assign the certificates.

Please check out. Hope this helps!

Thanks.
Mohammed
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 33698748
what you did wrong is that you are trying to import the file you have downloaded

what you should do is the following

   1. on the OCS server
          * Start run mmc
          * File add/remove snap-ins
          * certificates -> computer certiciates -> local computer
          * Open the personal certificate store and export the certificate you have just imported
          * when prompted say you want to include the Private Keys and make sure NOT to select to delete them after export
          * while doing so you will be asked to input a password put one
          * copy the PFX file to the exchange server
   2. On the exchange server
          * Delete the certificate you had previously imported
          * import the one you have just exported
          * be happy

Cheers
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33699614
On the MMC, do  you see the pvt. key on those certs?

If No, want to try the following commands:
1. certutil -addstore my cert.cer
2. certutil -repairstore my "<Thumb Print>"(of the new cert) and you should get the PVT key
0
 

Author Comment

by:obautista
ID: 33700158
Thanks so much.  The instructions AKHATER gave worked like a charm.  Thanks again...
0
 

Author Closing Comment

by:obautista
ID: 33700160
Thanks
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
how to add IIS SMTP to handle application/Scanner relays into office 365.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question