Solved

This CA root certificate is not trusted. to enable trust, install this certificate in the trusted root certification authorities store.

Posted on 2011-09-19
9
24,789 Views
Last Modified: 2016-08-31
I was able to renew a self signing certificate on Exchange 2007 using the console, but I cannot make it trusted. The Exchange box is part of a domain, but the DC doesn't have SSL enabled so I'm working on the exchange box only. How do I add this cert to the trusted root cert authorities store?
0
Comment
Question by:fnillc
9 Comments
 
LVL 16

Expert Comment

by:jessc7
Comment Utility
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
Comment Utility
are you trying to install a certificate from public CA ? or internal CA ? if public, no need for more config just install it.
0
 

Author Comment

by:fnillc
Comment Utility
I need to add the cert to the trusted root CA on the exchange server itself, not a workstation. I renewed the cert using the Exchange Management Shell on the Exchange box via "Get-ExchangeCertificate -thumbprint "xxx" New-Exchangecertificate". I'm getting the "install this certificate in the trusted root certification authorities store" in the IIS Manager - Default Web Site Properties - View Certificate.
0
 
LVL 16

Expert Comment

by:jessc7
Comment Utility
Manage Trusted Root Certificates (Windows 7, Windows Server 2008 R2)http://technet.microsoft.com/en-us/library/cc754841.aspx
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 16

Expert Comment

by:jessc7
Comment Utility
Diregard the previous link. It wasn't what I thought - sorry.
0
 
LVL 8

Accepted Solution

by:
Shmoid earned 500 total points
Comment Utility
Just copy it from the installed location to the trusted root store.

To do so:

Launch MMC.
Add Certificates Snap-in for Local Computer.
Expand Certificates (Local Computer)
Expand Personal
Click Certificates folder
Right click on the self-signed cert and choose copy
Expand Trusted Root Certification Authorities
Right click Certificates folder (under Trusted Root...) and select Paste.
You will be prompted with a security warning. Verify the cert listed is the self-signed cert and click yes.
0
 

Author Comment

by:fnillc
Comment Utility
Thanks Shmoid! your sugestion fix it.
0
 
LVL 1

Expert Comment

by:Versatile450
Comment Utility
What happens if I run that command and I get prompted to insert a smartcard?..
0
 

Expert Comment

by:Jason Jason
Comment Utility
Thank you so much Shmoid! You just saved my hide.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now