Windows 2008R2 Enterprise CA doesnt work on a Exchange2010 Certificate Request

i built a new CA into my domain. I can provide User and Webserver-Certificates, and they work. But now i try to create a new certificate for my Exchange 2010. I created a new request whith the wizard in Exchange2010 and transfered the txt-file to the DC where the CA is located. When i open the CA, i can see all my recently issued certificates. But now, I try to submit a new request, whith the created txt-file attached, and ... nothing happens. There is no error, no dialog and no error into the event-log, - nothing happens. I canot see any changes into the CA-Folders, no pending request ... nothing.

Can you tell me, how i can create the nessecery .cer file to complete the pending request on exchange 2010?

Who is Participating?
hatkindConnect With a Mentor Commented:
Try use EMS and command New-ExchangeCertificate

For example:

New-ExchangeCertificate -GenerateRequest -DomainName -SubjectName "c=COM, o=Own Organisation," -Friendlyname "Certificate for Exchange" -PrivateKeyExportable $true

Then go to your Webserver-cer, Select a task: Request a certificate ->advanced certificate request ->Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.

and past here Saved Request (you get it from EMS) and select Certificate Template as Web-Server

After this submit your sertificate in EMC.

Also you can export this certificate becouse we used -PrivateKeyExportable $true in New-ExchangeCertificate  

not sure about the error.
a) we use web-request method https:\\ca-servername\certsrv to get the cer
b)Using MMC, certmgr, request new certificate
realnanukAuthor Commented:
a) i allready requestet a Webserver-cer, and that worked for IIS, but i cannot add my .txt request
b) when i open the mmc i can see my created server cer, but that doesnt help me, because i cannot export them i a needed form, i can export them, but that doesnt work for exchange. whe i try to import a cer into exchange, he asked me for a .pfx or p12 file, i dont have that, or dont know how to create a .pfx
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

realnanukAuthor Commented:
Another problem could be, that i cannot set the flag "Mark keys as exportable" on the ca website
realnanukAuthor Commented:

I only sumitted the new request by choosing "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file" Then I was able to finalize the cert request on exchange 2010.

thanks a lot
Use IIS7 to request web certificate from your online authority. Then export certificate to pfx and import to Exchange.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.