?
Solved

Problem importing Exchange 2010 SSL Cert

Posted on 2010-09-16
5
Medium Priority
?
728 Views
Last Modified: 2012-05-10
I bought a SAN/UCC Cert.  I am having trouble importing on my Exchange 2010 box.  I generated the CSR from my Office Communications Server.  I was able to successfully install the cert on that server.  I am now trying to install it in Exchange.  

I went through EMC, Server Config, selected server, and imported the certificate there.  The problem is that it doesnt show up in EMC where I would then be able to assign it to the services.  

I ran this command Get-ExchangeCertificate in EMS and it doesnt show up there.  The cert is showing up in MMC/Personal Store Certificates though.

I also attempted to re-import through EMC and it says it already exists.

Any help would be very much appreciated.  Thanks.
0
Comment
Question by:obautista
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 9

Expert Comment

by:v_9mhdrf
ID: 33698441
Please assign the certificate in IIS 7. you have a option there as Server Certificates, where you can remove and assign the certificates.

Please check out. Hope this helps!

Thanks.
Mohammed
0
 
LVL 49

Accepted Solution

by:
Akhater earned 2000 total points
ID: 33698748
what you did wrong is that you are trying to import the file you have downloaded

what you should do is the following

   1. on the OCS server
          * Start run mmc
          * File add/remove snap-ins
          * certificates -> computer certiciates -> local computer
          * Open the personal certificate store and export the certificate you have just imported
          * when prompted say you want to include the Private Keys and make sure NOT to select to delete them after export
          * while doing so you will be asked to input a password put one
          * copy the PFX file to the exchange server
   2. On the exchange server
          * Delete the certificate you had previously imported
          * import the one you have just exported
          * be happy

Cheers
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33699614
On the MMC, do  you see the pvt. key on those certs?

If No, want to try the following commands:
1. certutil -addstore my cert.cer
2. certutil -repairstore my "<Thumb Print>"(of the new cert) and you should get the PVT key
0
 

Author Comment

by:obautista
ID: 33700158
Thanks so much.  The instructions AKHATER gave worked like a charm.  Thanks again...
0
 

Author Closing Comment

by:obautista
ID: 33700160
Thanks
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question