status: "invalid" SSL cert

Posted on 2011-04-21
Last Modified: 2012-05-11
This cert for some reason has a status of "invalid". How do I fix it?

[PS] C:\Documents and Settings\user>Get-ExchangeCertificate | fl

AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessRule}
CertificateDomains : {,, server1.local,, mail.server2.local,, mail.server1.local, mh-msx, mh-msx.server1.local,, autodiscover.server1.local,, autodiscover.server2.local}
HasPrivateKey      : True
IsSelfSigned       : False
Issuer             : SERIALNUMBER=354545453, CN=Go Daddy Secure Certification Authority, OU=, O=", Inc.", L=Scottsdale, S=Arizona, C=US
NotAfter           : 4/12/2014 9:14:26 AM
NotBefore          : 4/12/2011 9:14:26 AM
PublicKeySize      : 2048
RootCAType         : Unknown
SerialNumber       : 34q097nq4ng094
Services           : IMAP, POP, IIS, SMTP
Status             : Invalid
Subject            :, OU=Domain Control Validated,
Thumbprint         : 1234567890abcdefghijklmnopqrstuvwxyz
Question by:MH-Administrator
    LVL 9

    Expert Comment

    First make sure that the Cert has not expired. and if has not then   Here is a guide to show you how to install the Godaddy Cert.

    LVL 9

    Expert Comment

    It look like the cert Expires 4/12/2014 so you should be good..
    LVL 9

    Expert Comment

    Make sure that the hostname of the server matches the host name on the certificate.  Aliases can sometime cause problems.
    LVL 58

    Accepted Solution


    The certificate will show as Invalid for various reasons, including being expired (not your problem) or if it cannot be traced to a trusted root certification authority.

    Did you import GoDaddy's intermediate certificate (it is in the ZIP file you download, called sf_intermediates or words to that effect) to your Trusted Intermediate Certification Authority store (via mmc > Certificates snap-in > Computer account)?

    You will need to do that to ensure the proper certificate chain is served down to clients, and indeed for Exchange to recognise the certificate.


    Featured Post

    Are your corporate email signatures appalling?

    Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

    Join & Write a Comment

    Email statistics and Mailbox database quotas You might have an interest in attaining information such as mailbox details, mailbox statistics and mailbox database details from Exchange server. At that point, knowing how to retrieve this information …
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
    This video discusses moving either the default database or any database to a new volume.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now