• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 914
  • Last Modified:

Unable to apply certificate to Exchange 2010

Unable to apply certificate to Exchange 2010
After applying signed request from Network Solution Pending request in exchange still stays pending.  Try to apply the cert through PowerShell but it identifies the cert as already present.  That makes sense since I completed the pending request, but the status does not change.  

I tried a certutil –repairstore my “thumbprint“  but I get command failed: 0x80090011 (-2146893807) Object not found.  
I tried a certutil –addstore my “certfile” but it says the cert is already present
0
GracoIT
Asked:
GracoIT
1 Solution
 
DLeaverCommented:
When you run the following in powershell are there services listed next to the listed certificates like SMTP, IMAP, IIS?

Get-exchangecertificate | fl
0
 
Simon Butler (Sembee)ConsultantCommented:
I would suggest that you remove the certificate request, generate a new one and then do a Rekey or whatever Network Solutions call it. There is obviously a problem with the certificate request that you are using.

Simon.
0
 
GracoITAuthor Commented:
There are no services listed.  I assumed that would have been the next step after applying the signed cert.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Simon Butler (Sembee)ConsultantCommented:
The certificate will have no services enabled for it after installation. That is why you have to enable them.

Simon.
0
 
GracoITAuthor Commented:
We actually did go back and had new certs created has we had issues with just select the old cert for renewal.  We generated this request from power shell.
0
 
GracoITAuthor Commented:
The option to enable the service is not available and the certificate is still in pending certificate signing request.
0
 
suriyaehnopCommented:
1. Import-ExchangeCertificate –Path c:\certname. Verify the thumbprint
2. Get-ExchangeCertificate -Thumbprint <thumbprint> from no.1
3. Enable-ExchangeCertificate –Thumbprint <thumbprint> -Services “IIS, POP, IMAP"

http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/load-balancing-exchange-2007-client-access-servers-windows-network-technology-part3.html
0
 
Simon Butler (Sembee)ConsultantCommented:
Those are the Exchange 2007 commands, they don't apply to Exchange 2010.

I have never seen an SSL request fail to complete the pending part.
Have you tried creating the request on another server, completing it there and then exporting that certificate? You can use the wizard in Exchange to do everything.

The other reason could be that the certificate is being corrupted during transit. How does it arrive? Do you download it, or is it coming by email?

Simon.
0
 
GracoITAuthor Commented:
We received the certificate in a zip file from Network Solutions.  It four files. AddTrustExternalCARoot.crt, NetworkSolutionsAddTrustEVServerCA.crt, NetworkSolutionsEVServerCA.crt, and www.domain.com.crt
0
 
GracoITAuthor Commented:
There was a problem with the certificate as it was the wrong one.  We were renewing multiple certificates at the same time and got them crossed up.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now