We help IT Professionals succeed at work.

Exchange 2007 import certificate

netrescue
netrescue asked
on
i have acquired a new public certificate for my exchange server as its existing certificate will expire soon.
the certificate was requested and the details of the certificate read as it should and matches most of the fields of the existing certificate.
when trying to import the new certificate using the import-exchangecertificate command i get the following error message -
cannot import as there already is a certificate with a thumbprint of xxx.
so i tried removing the certificate using the remove-exchangecertificate -thumbprint command and received the following -
the certificate with thumbprint xxx was found but is not valid for use with exchange server <reason:privatekeymissing>

any assistance would be appreciated.
Comment
Watch Question

AkhaterSolutions Architect
BRONZE EXPERT

Commented:
well what you did is you just renewed the certificate on the website and you downloaded a new .cer and that's your issue.


In exchange there is really nothing called "renewing a certificate" you need to create a new one. so

1. Create a new CSR in exchange with all the name you need
2. go to your Certificate Authority and rekey your certificate and submit the new CSR created in 1
3. get the new cer from the CA
4. Import-certificate will work
hey guys,
i used the certutil -repairstore command to repair the existing certificate and then was able to use the enable -exchangeservice command and use got it to work.

Author

Commented:
commands fixed or repaired existing certificate and i didnt need to request a new one.

Commented:
genrate the request of certificate with specific name
send the certreq.txt to Public CA .
they willsend back you certificate.
import this certificate in exchange .
export *.pfx file from exchange .
copy both file on reverse proxy if you are using.
import the certificate and .pfx file in Personal store .
remove the existing certificate
restart the reverse proxy services.
web listner again browse the certificate.


Regards
KK

Explore More ContentExplore courses, solutions, and other research materials related to this topic.