Solved

How do I export an SSL certificate from a TMG server?

Posted on 2011-09-13
8
534 Views
Last Modified: 2012-05-12
I have a Forefront TMG server that holds the SSL certificate for our Exchange 2010 OWA Server.  I am trying to request a new SSL since this one will expire soon.  I setup a certificates MMC and can see the certificate.  Whenever I try and request a new cert I receive the following "Enrollment error - The request contains no certificate information."

I found some links online that offer assistance, but so far no luck.  How can I get this cert off to get renewed?

Thanks in advance.
0
Comment
Question by:copio
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 36532019
Not the way it is done. Request the new cert from the Exchange system, not the TMG box. When you get the new cert back import into the Exchange/iis server - then export it from Exchange (with the private key) and import to the TMG box. Edit the TMG listener and select the new cert - reboot the TMG.
0
 

Author Comment

by:copio
ID: 36532250
Keith, I can't see the OWA cert from the Exchange System.  Am I doing something wrong?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36532556
Open Exchange System Manager -> Server configuration

on the right hand side select your CAS server and look further on your right hand side you have an action to create a new exchange certificate
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Accepted Solution

by:
copio earned 0 total points
ID: 36575831
So I resolved it.  Here is what I did.

1.  I installed the IIS Manager role on the TMG Server.
2.  I was then able to create the CSR.
0
 

Author Closing Comment

by:copio
ID: 36597791
This is the solution that worked.
0
 
LVL 49

Expert Comment

by:Akhater
ID: 36575849
IIS role on tmg is not a good idea since both use port 80 and 443 and it was already pointed out to you that it should be done from Exchange and not from IIS
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 36575892
Absolutely mental
0
 

Author Comment

by:copio
ID: 36575937
Keith,

I agree with you 110%.  I've done CSR/s in the past.  I'm a consultant and some genius decided to put the OWA SSL on the TMG.  I have no idea how it got there since IIS was not installed on the TMG.  I had to install the ISS MANAGER ONLY - NOT IIS <-- to generate the CSR.  Hopefully it will be placed on the Exchange Server and not the TMG.  Complete messes are usually left for me by all the clients I support.  I tend to find some geniuses out there.  :-p
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month7 days, 3 hours left to enroll

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question