How do I export an SSL certificate from a TMG server?

I have a Forefront TMG server that holds the SSL certificate for our Exchange 2010 OWA Server.  I am trying to request a new SSL since this one will expire soon.  I setup a certificates MMC and can see the certificate.  Whenever I try and request a new cert I receive the following "Enrollment error - The request contains no certificate information."

I found some links online that offer assistance, but so far no luck.  How can I get this cert off to get renewed?

Thanks in advance.
copioAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
copioConnect With a Mentor Author Commented:
So I resolved it.  Here is what I did.

1.  I installed the IIS Manager role on the TMG Server.
2.  I was then able to create the CSR.
0
 
Keith AlabasterEnterprise ArchitectCommented:
Not the way it is done. Request the new cert from the Exchange system, not the TMG box. When you get the new cert back import into the Exchange/iis server - then export it from Exchange (with the private key) and import to the TMG box. Edit the TMG listener and select the new cert - reboot the TMG.
0
 
copioAuthor Commented:
Keith, I can't see the OWA cert from the Exchange System.  Am I doing something wrong?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
AkhaterCommented:
Open Exchange System Manager -> Server configuration

on the right hand side select your CAS server and look further on your right hand side you have an action to create a new exchange certificate
0
 
copioAuthor Commented:
This is the solution that worked.
0
 
AkhaterCommented:
IIS role on tmg is not a good idea since both use port 80 and 443 and it was already pointed out to you that it should be done from Exchange and not from IIS
0
 
Keith AlabasterEnterprise ArchitectCommented:
Absolutely mental
0
 
copioAuthor Commented:
Keith,

I agree with you 110%.  I've done CSR/s in the past.  I'm a consultant and some genius decided to put the OWA SSL on the TMG.  I have no idea how it got there since IIS was not installed on the TMG.  I had to install the ISS MANAGER ONLY - NOT IIS <-- to generate the CSR.  Hopefully it will be placed on the Exchange Server and not the TMG.  Complete messes are usually left for me by all the clients I support.  I tend to find some geniuses out there.  :-p
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.