Terrymac_Computer_Guy
asked on
Exchange 2007 certificate not showing Services
When I look at the certificates in our exchange server they don't show the services.
Our certificate expired and need to create a new one.
I tried adding the service smtp and the command looks like it completes but when I look at the certificates again it still doesn't show the services. Need help to find out why and get it fixed.
Here is an example below of the newly created one.
AccessRules : {System.Security.AccessCon trol.Crypt oKeyAccess Rule, System
.Security.AccessControl.Cr yptoKeyAcc essRule, System.Securi
ty.AccessControl.CryptoKey AccessRule }
CertificateDomains : {mail.company.com, Server1, server1.company.com, autodiscover.company.com}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=mail.company.com
NotAfter : 11/7/2012 10:23:59 PM
NotBefore : 11/7/2011 10:23:59 PM
PublicKeySize : 2048
SerialNumber : 9D65FEF7ABC72BBE4FF2D91E7E FA1E77
Status : Valid
Subject : CN=mail.company.com
Thumbprint : E50391550CB4F91FF15B65D15D 237B642602 CA7B
Our certificate expired and need to create a new one.
I tried adding the service smtp and the command looks like it completes but when I look at the certificates again it still doesn't show the services. Need help to find out why and get it fixed.
Here is an example below of the newly created one.
AccessRules : {System.Security.AccessCon
.Security.AccessControl.Cr
ty.AccessControl.CryptoKey
CertificateDomains : {mail.company.com, Server1, server1.company.com, autodiscover.company.com}
HasPrivateKey : True
IsSelfSigned : True
Issuer : CN=mail.company.com
NotAfter : 11/7/2012 10:23:59 PM
NotBefore : 11/7/2011 10:23:59 PM
PublicKeySize : 2048
SerialNumber : 9D65FEF7ABC72BBE4FF2D91E7E
Status : Valid
Subject : CN=mail.company.com
Thumbprint : E50391550CB4F91FF15B65D15D
Which cmdlet are you using to get that output?
ASKER
Get-ExchangeCertificate | List
Try this:
get-exchangecertificate | %{$_.services}
If it doesn't return any output, you might have some permissions issues.
get-exchangecertificate | %{$_.services}
If it doesn't return any output, you might have some permissions issues.
ASKER
it returns
IMAP, POP, IIS, SMTP
IMAP, POP, SMTP
SMTP
IMAP, POP, IIS, SMTP
IMAP, POP, SMTP
SMTP
ASKER
The Outlook clients are popping up a certificate warning message still. The original certificate expired.
If I go ahead and select view certificates and install new certificate at the Outlook client it received the new certificate with a warning about trusting any certificate from the server name. And then the popup error goes away and appears to work normally.
Isn't the new certificate done at the server suppose to take care of this trusting and the need to install at the Outlook client not necessary?
If I go ahead and select view certificates and install new certificate at the Outlook client it received the new certificate with a warning about trusting any certificate from the server name. And then the popup error goes away and appears to work normally.
Isn't the new certificate done at the server suppose to take care of this trusting and the need to install at the Outlook client not necessary?
ASKER
When I try and open up the Nicrosoft Certificate Services I get an error The specified services does not exist as an installed service on this server.
Its a Server 2003 x64 edition with exchange 2007
Its a Server 2003 x64 edition with exchange 2007
Have you removed the old certificate yet?
ASKER
No I believe its still there expired on Nov 5th, 2011.
However there was another gentleman who tried following steps to install a certificate before I got here. Not sure if he deleted any.
However there was another gentleman who tried following steps to install a certificate before I got here. Not sure if he deleted any.
You'll definitely want to remove the old one if it's there still. That might be part of your problem.
ASKER
All the documentation I've read say to make sure the new certificate is working before removing the old. Can you send a link showing how removing the old is necessary before the new will take over?
Also its strange the outlook client sees the new cert but does not trust it automatically. Any thoughts on this?
Also its strange the outlook client sees the new cert but does not trust it automatically. Any thoughts on this?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Have not figured it out and went with the work around of importing the certificate at each workstation.