Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 38765
  • Last Modified:

This CA root certificate is not trusted. to enable trust, install this certificate in the trusted root certification authorities store.

I was able to renew a self signing certificate on Exchange 2007 using the console, but I cannot make it trusted. The Exchange box is part of a domain, but the DC doesn't have SSL enabled so I'm working on the exchange box only. How do I add this cert to the trusted root cert authorities store?
0
fnillc
Asked:
fnillc
1 Solution
 
Suliman Abu KharroubIT Consultant Commented:
are you trying to install a certificate from public CA ? or internal CA ? if public, no need for more config just install it.
0
 
fnillcAuthor Commented:
I need to add the cert to the trusted root CA on the exchange server itself, not a workstation. I renewed the cert using the Exchange Management Shell on the Exchange box via "Get-ExchangeCertificate -thumbprint "xxx" New-Exchangecertificate". I'm getting the "install this certificate in the trusted root certification authorities store" in the IIS Manager - Default Web Site Properties - View Certificate.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
jessc7Commented:
Manage Trusted Root Certificates (Windows 7, Windows Server 2008 R2)http://technet.microsoft.com/en-us/library/cc754841.aspx
0
 
jessc7Commented:
Diregard the previous link. It wasn't what I thought - sorry.
0
 
ShmoidCommented:
Just copy it from the installed location to the trusted root store.

To do so:

Launch MMC.
Add Certificates Snap-in for Local Computer.
Expand Certificates (Local Computer)
Expand Personal
Click Certificates folder
Right click on the self-signed cert and choose copy
Expand Trusted Root Certification Authorities
Right click Certificates folder (under Trusted Root...) and select Paste.
You will be prompted with a security warning. Verify the cert listed is the self-signed cert and click yes.
0
 
fnillcAuthor Commented:
Thanks Shmoid! your sugestion fix it.
0
 
Versatile450Commented:
What happens if I run that command and I get prompted to insert a smartcard?..
0
 
Jason JasonCommented:
Thank you so much Shmoid! You just saved my hide.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now