crp0499

Creating a certificate for 2010 OWA

I have a single Server 2008 R2 Enterprise.  It's running Exchange 2010 Enterprise.  This morning I received a message in the event log that there was no certificate for mail.mydomain.com to be found.  So, loaded with my new knowledge of certificates, I went to work.

I went in the EMC and created the cert req using the friendly name of mail.mydomain.com.  This action created a req file on my desktop.  

I then went into https://localhost/certsrv and pasted the encrypted key into the web page and proceeded to create my cer.

I then went back to my EMC and completed the req using the cer file I now have.

As soon as I did that, my cert disappeared from my EMC and I can't find it nor can I confirm if it's installed and running now.

HELP!  :)

Seriously, what's going on?

Thanks


Cliff
Shreedhar Ette

- Go to Exchange PowerShell and execute this command:
Get-ExchangeCertificate
and post the output here.
crp0499 (ASKER)

Thumbprint                                Services   Subject
----------                                --------   -------
25F7F5573CC0306FAE5012A4BA03FB1ADE7689AA  IP.WS.     CN=exchange2
ASKER CERTIFIED SOLUTION
Shreedhar Ette
crp0499 (ASKER)

the .cer is in the root of C:  trying your command now
crp0499 (ASKER)

error - a positional parameter cannot be found that accepts argument '-Path'
Use this:
Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\cert.pfx -Encoding Byte -ReadCount 0))
crp0499 (ASKER)

you just went above my head.  i have a cer in the root of my C: drive.  it's 1,737 bytes.  
Execute this command in the Exchange Management Console:
Import-ExchangeCertificate -FileData ([Byte[]]$(Get-Content -Path c:\cert.pfx -Encoding Byte -ReadCount 0))

Make sure the path and filename are proper.
crp0499 (ASKER)

ok, error, A cert with the thumbprint F56************************* already exists.
First execute this:
Get-ExchangeCertificate -Thumbprint F56************************* | Remove-ExchangeCertificate

Replace the F56************************* with the full thumbprint.

After that try the Import-ExchangeCertificate.
crp0499 (ASKER)

The certificate with thumbprint F567136E626796938342F6DF66E9F875123D95D3 was found but is not valid for use with Exchange Server (reason: PkixKpServerAuthNotFoundInEnhancedKeyUsage).
    + CategoryInfo          : NotSpecified: (:) [Get-ExchangeCertificate], InvalidOperationException
    + FullyQualifiedErrorId : 7695CDDB,Microsoft.Exchange.Management.SystemConfigurationTasks.GetExchangeCertificate
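
The reason in the last error, PkixKpServerAuthNotFoundInEnhancedKeyUsage, names the Server Authentication entry of the certificate's Enhanced Key Usage. The following is an added example, not part of the thread and not the hidden accepted solution: it lists every certificate in the local computer's personal store and reports whether its EKU extension contains the Server Authentication OID (1.3.6.1.5.5.7.3.1) and whether a private key is present. The function name Get-CertServerAuthStatus is made up for this example, and it assumes the certificate in question is in Cert:\LocalMachine\My.

```powershell
# Added example (not from the thread). Lists certificates in the computer's
# personal store and reports whether each carries the Server Authentication
# EKU and a private key. Syntax is kept PowerShell 2.0 compatible.

$ServerAuthOid = '1.3.6.1.5.5.7.3.1'   # id-kp-serverAuth

# Hypothetical helper name, chosen for this example only.
function Get-CertServerAuthStatus {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    process {
        # Find the Enhanced Key Usage extension, if the certificate has one.
        $eku = $Certificate.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
        }

        # Collect the usage OIDs; stays empty when there is no EKU extension.
        $oids = @()
        if ($eku) {
            $oids = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value })
        }

        New-Object PSObject -Property @{
            Thumbprint      = $Certificate.Thumbprint
            Subject         = $Certificate.Subject
            HasPrivateKey   = $Certificate.HasPrivateKey
            HasEkuExtension = [bool]$eku
            EkuOids         = ($oids -join ', ')
            HasServerAuth   = ($oids -contains $ServerAuthOid)
        }
    }
}

# Assumption: the certificate being checked is in the LocalMachine\My store.
Get-ChildItem Cert:\LocalMachine\My |
    Get-CertServerAuthStatus |
    Format-List Thumbprint, Subject, HasPrivateKey, HasEkuExtension, EkuOids, HasServerAuth
```

An entry with HasEkuExtension True and HasServerAuth False has an EKU list that omits Server Authentication; the EkuOids column shows which usages the issuing CA put there instead.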