Windows 2008R2 Enterprise CA doesnt work on a Exchange2010 Certificate Request

Hello
i built a new CA into my domain. I can provide User and Webserver-Certificates, and they work. But now i try to create a new certificate for my Exchange 2010. I created a new request whith the wizard in Exchange2010 and transfered the txt-file to the DC where the CA is located. When i open the CA, i can see all my recently issued certificates. But now, I try to submit a new request, whith the created txt-file attached, and ... nothing happens. There is no error, no dialog and no error into the event-log, - nothing happens. I canot see any changes into the CA-Folders, no pending request ... nothing.

Can you tell me, how i can create the nessecery .cer file to complete the pending request on exchange 2010?

thanks
Rene
realnanukAsked:
Who is Participating?
 
hatkindConnect With a Mentor Commented:
Try use EMS and command New-ExchangeCertificate

For example:

New-ExchangeCertificate -GenerateRequest -DomainName domain.com -SubjectName "c=COM, o=Own Organisation, cn=mx1.domain.com" -Friendlyname "Certificate for Exchange" -PrivateKeyExportable $true

Then go to your Webserver-cer, Select a task: Request a certificate ->advanced certificate request ->Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file.

and past here Saved Request (you get it from EMS) and select Certificate Template as Web-Server

After this submit your sertificate in EMC.

Also you can export this certificate becouse we used -PrivateKeyExportable $true in New-ExchangeCertificate  

0
 
e_aravindCommented:
not sure about the error.
a) we use web-request method https:\\ca-servername\certsrv to get the cer
b)Using MMC, certmgr, request new certificate
0
 
realnanukAuthor Commented:
a) i allready requestet a Webserver-cer, and that worked for IIS, but i cannot add my .txt request
b) when i open the mmc i can see my created server cer, but that doesnt help me, because i cannot export them i a needed form, i can export them, but that doesnt work for exchange. whe i try to import a cer into exchange, he asked me for a .pfx or p12 file, i dont have that, or dont know how to create a .pfx
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
realnanukAuthor Commented:
Another problem could be, that i cannot set the flag "Mark keys as exportable" on the ca website
0
 
realnanukAuthor Commented:
genius

I only sumitted the new request by choosing "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file" Then I was able to finalize the cert request on exchange 2010.

thanks a lot
0
 
mpilarczykCommented:
Use IIS7 to request web certificate from your online authority. Then export certificate to pfx and import to Exchange.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.