Exchange 2010 Cert Renewal problems
We have a standalone Exchange 2010 that will have it's cert expire next month. Our problem is that doing the "Renew Exchange Certificate" from EMC generates a .req file that contains gibberish and is not in the acceptable format. If we do renew certificate via IIS7, we get an acceptable format but then pasting it onto GeoTrust's site for renewal generates an error stating that it's too long. So far I only seen one forum with reference to this issue but there was still no solution there (http://social.technet.microsoft.com/Forums/en-NZ/exchange2010/thread/32deccf8-17b6-444c-b523-663fd1276cd7).
Sample of gibberish .req file out of EMC:
0‚?¯0‚?—?? 0ý1)0'??U??? BonKThT2fPRC8tM2Phn/eZ02yT
??webmail.comcraft.com.sg1
GT60867062110/??U???(See www.geotrust.com/resources/cps (c)101705??U???.Domain Control Validated - QuickSSL(R) Premium1 0???U????webmail.comcraft.
? *†H†÷
???? ?‚?? 0‚?
?‚?? ÓEñ~sä?:ª0- ª5CyÅ?Zl€ñÛd²×ù?Ú š¢¢ËU?.{q!è¨?ž$¡»±JC„ñ¡úµÜ
ãO?
N„??³Ú?¤?Ñ?ÍTK¶ûzðOIJÒ?5f
Ì:åý`òk^/°?äs"´2²?°½%T'???
+????‚7
??1??
6.1.7600.20f? +????‚7??1Y0W?????CMCFTEXC
? ?1c0a0???U????ÿ????? 0"??U????0?‚?webmail.comcr
?ŸÎ‰Afé?ò?dëê"ÇÃe0r?
+????‚7
??1d0b????Z M i c r o s o f t R S A S C h a n n e l C r y p t o g r a p h i c P r o v i d e r?? 0
? *†H†÷
???? ?‚?? 9
ç×Ö‹úÍÒrŒ?VÃ?ç?l…‚càHúb?ÌÔ
?'¿†-1íÅ}¡º2<]„™¢jl@µ0‡?*§
Sample of a very long cert generated via IIS7:
-----BEGIN NEW CERTIFICATE REQUEST-----
MIINrwYJKoZIhvcNAQcCoIINoD
hvcNAQcBoIIH1gSCB9IwggfOMI
UFJDOHRNMlBobi9lWjAyeVQtOV
ZWJtYWlsLmNvbWNyYWZ0LmNvbS
A1UECwwoU2VlIHd3dy5nZW90cn
MDUGA1UECwwuRG9tYWluIENvbn
UHJlbWl1bTEgMB4GA1UEAwwXd2
KoZIhvcNAQEBBQADgY0AMIGJAo
XOEI7yf0GebQ1GRrhFiXCVD1G9
d4kucN1Vi8bLdhbtZVXIAgLKus
arZhnFkLAgMBAAGgggWOMBoGCi
BgEEAYI3FRQxRTBDAgEFDBlDTU
UkFGVFxhZG1pbmlzdHJhdG9yDA
VgIBAh5OAE0AaQBjAHIAbwBzAG
AHQAbwBnAHIAYQBwAGgAaQBjAC
9w0BCQ4xdDByMA4GA1UdDwEB/w
KwYBBQUHAwIwIgYDVR0RBBswGY
VR0OBBYEFLpIx0PVEtMN4zVvSM
BBswggOEoAMCAQICAxMDkTANBg
MA4GA1UEChMHRXF1aWZheDEtMC
aWNhdGUgQXV0aG9yaXR5MB4XDT
gf0xKTAnBgNVBAUTIEJvbktUaF
CQYDVQQGEwJTRzEgMB4GA1UECh
BgNVBAsTCkdUNjA4NjcwNjIxMT
L3Jlc291cmNlcy9jcHMgKGMpMT
bGlkYXRlZCAtIFF1aWNrU1NMKF
Y29tY3JhZnQuY29tLnNnMIIBIj
554IPq3oGKaAG5V941bv04Nc8S
iGeP8drHzODaWwlDgib76xF61g
uGRPq8xpFQklB9D8PxJN8FuVi4
OHejhb8EbgqANCAE/uT92BQurq
ahxJKkNbkok+skzMlqtOoSi9HI
wnFx5G4YCkqlSpgYAYMw5wIDAQ
10fYIyAQTzOYkJ/UMA4GA1UdDw
AQYIKwYBBQUHAwIwIgYDVR0RBB
OgYDVR0fBDMwMTAvoC2gK4YpaH
ZWN1cmVjYS5jcmwwHQYDVR0OBB
SIb3DQEBBQUAA4GBACOuh3WUaW
lmzgSjQWTQqFyPbD7wupL5RecL
YWFezOknRbNy1C5YXdxKtVx4vy
CSqGSIb3DQEBBQUAA4GBAIQaHI
IsYJcCuW0koviOo0BCfpSkNtUV
K6tdkiyprFLjEkwUBmEO+I+T4N
oIIEHzCCBBswggOEoAMCAQICAx
EwJVUzEQMA4GA1UEChMHRXF1aW
Q2VydGlmaWNhdGUgQXV0aG9yaX
NDkwNFowgf0xKTAnBgNVBAUTIE
cVQ4MQswCQYDVQQGEwJTRzEgMB
c2cxEzARBgNVBAsTCkdUNjA4Nj
c3QuY29tL3Jlc291cmNlcy9jcH
cm9sIFZhbGlkYXRlZCAtIFF1aW
Ym1haWwuY29tY3JhZnQuY29tLn
CgKCAQEA554IPq3oGKaAG5V941
RIPYhKXWiGeP8drHzODaWwlDgi
GI8eJFCOuGRPq8xpFQklB9D8Px
YYl+SWjyOHejhb8EbgqANCAE/u
02Vz/QIcahxJKkNbkok+skzMlq
yTDx7dzMwnFx5G4YCkqlSpgYAY
aPkr0rKV10fYIyAQTzOYkJ/UMA
BgEFBQcDAQYIKwYBBQUHAwIwIg
b20uc2cwOgYDVR0fBDMwMTAvoC
Y3Jscy9zZWN1cmVjYS5jcmwwHQ
MA0GCSqGSIb3DQEBBQUAA4GBAC
L0aAcd0qlmzgSjQWTQqFyPbD7w
xN+aVBXcYWFezOknRbNy1C5YXd
r2APMYIBfDCCAXgCAQEwVTBOMQ
eDEtMCsGA1UECxMkRXF1aWZheC
AgMTA5EwCQYFKw4DAhoFADANBg
JDuIAD7Vt2KlIUDSBzAtMkQ9D9
gtcPuoGnPM1swLSFHqAgF4om5w
oS4qZcvudlfDbfavVc3Pwy51Tv
GLbCiRpbr0J5pLuqKWkhbXDHqy
1K3l3ANUQE+NrZDFn3sWy2RYBZ
QGQz
-----END NEW CERTIFICATE REQUEST-----
Your expert help is much needed as we've got only month prior to expiry. Fire Away!
Sample of gibberish .req file out of EMC:
0‚?¯0‚?—?? 0ý1)0'??U??? BonKThT2fPRC8tM2Phn/eZ02yT
??webmail.comcraft.com.sg1
GT60867062110/??U???(See www.geotrust.com/resources/cps (c)101705??U???.Domain Control Validated - QuickSSL(R) Premium1 0???U????webmail.comcraft.
? *†H†÷
???? ?‚?? 0‚?
?‚?? ÓEñ~sä?:ª0- ª5CyÅ?Zl€ñÛd²×ù?Ú š¢¢ËU?.{q!è¨?ž$¡»±JC„ñ¡úµÜ
ãO?
N„??³Ú?¤?Ñ?ÍTK¶ûzðOIJÒ?5f
Ì:åý`òk^/°?äs"´2²?°½%T'???
+????‚7
??1??
6.1.7600.20f? +????‚7??1Y0W?????CMCFTEXC
? ?1c0a0???U????ÿ????? 0"??U????0?‚?webmail.comcr
?ŸÎ‰Afé?ò?dëê"ÇÃe0r?
+????‚7
??1d0b????Z M i c r o s o f t R S A S C h a n n e l C r y p t o g r a p h i c P r o v i d e r?? 0
? *†H†÷
???? ?‚?? 9
ç×Ö‹úÍÒrŒ?VÃ?ç?l…‚càHúb?ÌÔ
?'¿†-1íÅ}¡º2<]„™¢jl@µ0‡?*§
Sample of a very long cert generated via IIS7:
-----BEGIN NEW CERTIFICATE REQUEST-----
MIINrwYJKoZIhvcNAQcCoIINoD
hvcNAQcBoIIH1gSCB9IwggfOMI
UFJDOHRNMlBobi9lWjAyeVQtOV
ZWJtYWlsLmNvbWNyYWZ0LmNvbS
A1UECwwoU2VlIHd3dy5nZW90cn
MDUGA1UECwwuRG9tYWluIENvbn
UHJlbWl1bTEgMB4GA1UEAwwXd2
KoZIhvcNAQEBBQADgY0AMIGJAo
XOEI7yf0GebQ1GRrhFiXCVD1G9
d4kucN1Vi8bLdhbtZVXIAgLKus
arZhnFkLAgMBAAGgggWOMBoGCi
BgEEAYI3FRQxRTBDAgEFDBlDTU
UkFGVFxhZG1pbmlzdHJhdG9yDA
VgIBAh5OAE0AaQBjAHIAbwBzAG
AHQAbwBnAHIAYQBwAGgAaQBjAC
9w0BCQ4xdDByMA4GA1UdDwEB/w
KwYBBQUHAwIwIgYDVR0RBBswGY
VR0OBBYEFLpIx0PVEtMN4zVvSM
BBswggOEoAMCAQICAxMDkTANBg
MA4GA1UEChMHRXF1aWZheDEtMC
aWNhdGUgQXV0aG9yaXR5MB4XDT
gf0xKTAnBgNVBAUTIEJvbktUaF
CQYDVQQGEwJTRzEgMB4GA1UECh
BgNVBAsTCkdUNjA4NjcwNjIxMT
L3Jlc291cmNlcy9jcHMgKGMpMT
bGlkYXRlZCAtIFF1aWNrU1NMKF
Y29tY3JhZnQuY29tLnNnMIIBIj
554IPq3oGKaAG5V941bv04Nc8S
iGeP8drHzODaWwlDgib76xF61g
uGRPq8xpFQklB9D8PxJN8FuVi4
OHejhb8EbgqANCAE/uT92BQurq
ahxJKkNbkok+skzMlqtOoSi9HI
wnFx5G4YCkqlSpgYAYMw5wIDAQ
10fYIyAQTzOYkJ/UMA4GA1UdDw
AQYIKwYBBQUHAwIwIgYDVR0RBB
OgYDVR0fBDMwMTAvoC2gK4YpaH
ZWN1cmVjYS5jcmwwHQYDVR0OBB
SIb3DQEBBQUAA4GBACOuh3WUaW
lmzgSjQWTQqFyPbD7wupL5RecL
YWFezOknRbNy1C5YXdxKtVx4vy
CSqGSIb3DQEBBQUAA4GBAIQaHI
IsYJcCuW0koviOo0BCfpSkNtUV
K6tdkiyprFLjEkwUBmEO+I+T4N
oIIEHzCCBBswggOEoAMCAQICAx
EwJVUzEQMA4GA1UEChMHRXF1aW
Q2VydGlmaWNhdGUgQXV0aG9yaX
NDkwNFowgf0xKTAnBgNVBAUTIE
cVQ4MQswCQYDVQQGEwJTRzEgMB
c2cxEzARBgNVBAsTCkdUNjA4Nj
c3QuY29tL3Jlc291cmNlcy9jcH
cm9sIFZhbGlkYXRlZCAtIFF1aW
Ym1haWwuY29tY3JhZnQuY29tLn
CgKCAQEA554IPq3oGKaAG5V941
RIPYhKXWiGeP8drHzODaWwlDgi
GI8eJFCOuGRPq8xpFQklB9D8Px
YYl+SWjyOHejhb8EbgqANCAE/u
02Vz/QIcahxJKkNbkok+skzMlq
yTDx7dzMwnFx5G4YCkqlSpgYAY
aPkr0rKV10fYIyAQTzOYkJ/UMA
BgEFBQcDAQYIKwYBBQUHAwIwIg
b20uc2cwOgYDVR0fBDMwMTAvoC
Y3Jscy9zZWN1cmVjYS5jcmwwHQ
MA0GCSqGSIb3DQEBBQUAA4GBAC
L0aAcd0qlmzgSjQWTQqFyPbD7w
xN+aVBXcYWFezOknRbNy1C5YXd
r2APMYIBfDCCAXgCAQEwVTBOMQ
eDEtMCsGA1UECxMkRXF1aWZheC
AgMTA5EwCQYFKw4DAhoFADANBg
JDuIAD7Vt2KlIUDSBzAtMkQ9D9
gtcPuoGnPM1swLSFHqAgF4om5w
oS4qZcvudlfDbfavVc3Pwy51Tv
GLbCiRpbr0J5pLuqKWkhbXDHqy
1K3l3ANUQE+NrZDFn3sWy2RYBZ
QGQz
-----END NEW CERTIFICATE REQUEST-----
Your expert help is much needed as we've got only month prior to expiry. Fire Away!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
in taht case, I suppose you have tried this as well ? http://technet.microsoft.com/en-us/library/ee332322.aspx
ASKER
hi Mkris9 - yes sir. no go
Has anyone discovered what to do about this? I'm having the exact same problem.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
my solution worked.
Just as an update, if you do use the emc to generate your renewal you can convert the encoded file using the command prompt.
certutil -encode requestfilename.req targetfilename.csr
certutil -encode requestfilename.req targetfilename.csr
ASKER