Solved

Exchange Certificate not trusted

Posted on 2010-11-25
5
323 Views
Last Modified: 2012-05-10
I have 2 mail servers both have SSL certificates but how do I add the issuer of the certificate to all machines so
that any machine automatically trusts it? It a company called ALpha CA.

I'd need step by step assistance I'm afraid as while I understand how certificates work, integrating them
is something different. To me anyway
0
Comment
Question by:Majicthise
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 25

Accepted Solution

by:
Tony Johncock earned 500 total points
ID: 34213037
This article explains how to do it via group policy:

http://technet.microsoft.com/en-us/library/cc738131(WS.10).aspx

However, it may be more cost effective to buy 'proper' UC certificates from GoDaddy or Certificatesforexchange.com
0
 

Author Comment

by:Majicthise
ID: 34213110
Yeah I saw that
I have the certificates emailed and installed them OK ontot he exchangeboxes
I just dont see how to get them into AD?

Email

-----BEGIN CERTIFICATE-----
MIIEtTCCA52gAwIBAgILAQAAAAABKLq05RAwDQYJKoZIhvcNAQEFBQAwNjERMA8G
A1UECxMIQWxwaGEgQ0ExDjAMBgNVBAoTBUFscGhhMREwDwYDVQQDEwhBbHBoYSBD
1BqwvUbSvkrjtc5JsWkRedIY1gmJqn6aeflCrqeRTZQPA10EwVz/qinji+pZ/GBm
966fuTAhRIt9
-----END CERTIFICATE-----


Signed Certificate (PKCS7 Format)

-----BEGIN PKCS7-----
MIIMkwYJKoZIhvcNAQcCoIIMhDCCDIACAQExADALBgkqhkiG9w0BBwGgggxoMIIE
tTCCA52gAwIBAgILAQAAAAABKLq05RAwDQYJKoZIhvcNAQEFBQAwNjERMA8GA1UE
CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMIIBIjANBgkq
Pd5BzAeuY1K/U1P0K+nH/bb3gl+F0kEY24GzBBzFH6SAbxUgyd4MiAod1mZV4vxI
ySkmaeAxAA==
-----END PKCS7-----


Bundle Certificate (Intermediate)

-----BEGIN CERTIFICATE-----
MIIEMjCCAxqgAwIBAgILBAAAAAABHkSl8XEwDQYJKoZIhvcNAQEFBQAwVzELMAkG
SI2Ddng5V2fqZH5xHY5A5qWrZDL3g8d7vaTe3IMTpKKM8yp26RpwSlEXt2wm3+4F
x05b2jZUoUl59koGCuMB6v5Icws9nLgogfC0pchimhEozRjRByPSuu4U24dk7Suq
fxq9CncU1dXMMRKi7wajF8HgGKvHUw==
-----END CERTIFICATE-----


Root Certificate (CA)

-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
-----END CERTIFICATE-----

I've tried saving various section as Cer crt and p7b but it doesn't want to know.
0
 

Author Comment

by:Majicthise
ID: 34213175
Oddly enough I tried it with another certificate and it worked
Then went back to the original one and it worked
Maybe cut 'n' paste was the issue?
0
 

Author Closing Comment

by:Majicthise
ID: 34213181
Got this fa but couldnt get certificate installed. Thought it was process of adding certificates that was flawed more liekly my cut & paste...
0
 
LVL 25

Expert Comment

by:Tony Johncock
ID: 34213196
Sorry I didn't get back sooner.

Most likely there was an extraneous space / carriage return after the end of the ===end certificate=== bit. So easy in notepad and the like.

Thanks for the points.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question