Link to home
Create AccountLog in
Avatar of gueraf
guerafFlag for United States of America

asked on

GoDaddy UCC Certificate on Exchange 2010

Exchange Server 2010 on W2KR2.
I purchased UCC SAN cert from GoDaddy and installed it but unable to assign services to it.
Tech Support at GoDaddy walked me thru the process a couple of times and said it should be working. The default self signed certificate is the only one working (allowing to add services), I'm I supposed to remove that one to make the third party cert work??
Avatar of Alan Hardisty
Alan Hardisty
Flag of United Kingdom of Great Britain and Northern Ireland image

Did you generate te CSR on the Exchange server, copy the contents of the file into the GoDaddy CSR field and then authorise, download, copy, import and enable the certificate onto the server?
Avatar of gueraf

ASKER

Yes, followed godaddy's tech intructions...I even had to rekey to try again
Good.  So is the process failing at the enable-exchangecertificate stage?

Are you using the following command in the EMS?

Enable-ExchangeCertificate -Thumbprint Random_Long_String_of_Numbers_And_Letters -Services POP,IMAP,SMTP,IIS
Avatar of gueraf

ASKER

I got the certificate installed using the console. The cert is showing in there with an x mark, does this mean I need to run above command on EMS to enable the certificate that I just installed?
Avatar of gueraf

ASKER

Ok, my bad...the EMS command is the same I did except thru the console.
SOLUTION
Avatar of Alan Hardisty
Alan Hardisty
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of gueraf

ASKER

Is this right?
Enable-ExchangeCertificate-D9B381A2303DC2B7C113D9432657BAE04C332038-Services"IIS,POP,IMAP,SMTP"
ASKER CERTIFIED SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of gueraf

ASKER

Here is screen shot of error
Enable-ExchangeCertificate.JPG
Are you running the EMS as Administrator?  Start> Run> Exchange 2007> Exchange Management Shell> Right-Click and choose Run as Administrator.

Then run the command again.
Avatar of gueraf

ASKER

I'm getting the same error
Can you run the following command please:

Enable-ExchangeCertificate -Thumbprint D9B381A2303DC2B7C113D9432657BAE04C332038 -Services "POP,IMAP,SMTP"

Seems possible that you don't have IIS installed.
Avatar of gueraf

ASKER

It is installed
IIS.JPG
Okay - what about POP3 / IMAP?
Avatar of gueraf

ASKER

Services are installed
Okay - it seems that the Quote marks may be upsetting things,  Please try the following:

Enable-ExchangeCertificate -Thumbprint D9B381A2303DC2B7C113D9432657BAE04C332038 -Services IIS,POP,IMAP,SMTP
Avatar of gueraf

ASKER

same error, but I rebooted the server and used the console again and this time the assign services is now available.
Did the command work?
Avatar of gueraf

ASKER

The command comes up with the same error, but somehow it enabled the option on the console to add the services and I am now able to do it that way.
Very weird.

Did you install all the exchange pre-requisites on the server?
Extract from https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2881-Migrate-Small-Business-Server-2003-to-Exchange-2010-and-Windows-2008-R2.html

Click Start > All Programs > Accessories > Windows PowerShell

Once the PowerShell is opened run the following commands:
Import-Module ServerManager

There is no notification this has completed you will just see a flashing cursor waiting for input.  This command will allow us to add server roles and features via the PowerShell command.

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy –Restart
Avatar of gueraf

ASKER

Yes, I did
Good.  So is the cert installed happily now?
Avatar of gueraf

ASKER

Alan,

Thanks for the help!
You are welcome - glad it is happier now and thanks for the points.

Have a Happy New Year.

Alan
Avatar of gueraf

ASKER

Just last question on enabling outlook anywhere, which authentication should I use? Basic or NTLM?

You too thank you!!
NTLM is default - but I am behind Forefront TMG and use Basic!  Before I installed FTMG - NTLM was the norm.
Avatar of gueraf

ASKER

ok, thanks again!
You are welcome.  Hope setting up the rest is plain sailing : )