Solved

Change Exchange 2010 certificate

Posted on 2013-01-16
11
321 Views
Last Modified: 2013-01-17
I made an error in one of the names on an SSL certificate.

I've got the certificate issuing authority to issue a new certificate with the amended details but can't find how to replace an existing certificate.
0
Comment
Question by:andrew_2706
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 40

Expert Comment

by:als315
ID: 38781757
0
 

Author Comment

by:andrew_2706
ID: 38781781
I've tried the first and created a request and then completed using the new certificate I have which has been imported somewhere but still the old certificate is working and the one that is showing in EMC Exchange Certificates
0
 
LVL 40

Expert Comment

by:als315
ID: 38781791
Have you made "Complete pending request" and assigned it to services?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:andrew_2706
ID: 38781848
When I complete the certificate does not show in EMC so unable to assign to services?
0
 
LVL 40

Expert Comment

by:als315
ID: 38782043
What is the result of complete action? Any errors?
0
 

Author Comment

by:andrew_2706
ID: 38782156
No Errors completing request

Summary: 2 item(s). 2 succeeded, 0 failed.
Elapsed time: 00:00:00


Read file
Completed

Exchange Management Shell command completed:
Read binary stream from the file 'C:\Users\admin\Desktop\mail.linearcontrols.co.uk.crt'.

Elapsed Time: 00:00:00


mail.****.crt
Completed

Exchange Management Shell command completed:
Import-ExchangeCertificate -Server 'PLUTO' -FileData '<Binary Data>'

Elapsed Time: 00:00:00
0
 
LVL 40

Expert Comment

by:als315
ID: 38782418
If you run:
Get-ExchangeCertificate
from Exchange management shell, what is in result?
0
 

Author Comment

by:andrew_2706
ID: 38782472
None of the Thumbprints match the certificate in question, the only place I can see the installed certificate is via mmc certificates..

Thumbprint                                Services   Subject
----------                                --------   -------
38C1A3A971CBCBE932634870F28D6E7B52A332A8  ......     CN=mail.*******.co.uk, OU=Domain Control Validated, O=ma...
F989C0607771F2423294140E977B5E714AFCAD13  IP.WS.     CN=mail.*******s.co.uk, OU=Domain Control Validated, O=ma...
8B9B430F24C2E033B0CB0D4C5D7E0775174D8027  ......     CN=PLUTO.linear.local
0E9CCADAAA4676DA0DA1C5CB729CA93E5CF30D95  ...WS.     CN=Sites
2D5788E3D2D4AF198317E5633C863ACDD6A0322D  ......     CN=linear-PLUTO-CA
0
 
LVL 40

Expert Comment

by:als315
ID: 38783052
May be you installed certificate with certmgr.mmc? I've never tried, but here:
https://www.globalsign.com/support/install/ex_2010.php
you can read, that it was wrong way. Try to remove it with mmc and complete again
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 38784109
You will need to create a new request on the server, and then get the certificate authority to rekey or reissue the certificate. You cannot just install a new/corrected certificate with the response from the SSL provider.

You need a pending request to be in place to match the issued certificate to.

Simon.
0
 

Author Closing Comment

by:andrew_2706
ID: 38786538
Thanks worked a treat, created new request and then just re-keyed the new certificate
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Migrating from Exchange 2010 to 2013 2 72
outlook, autodiscover 1 59
NLB +DAG 8 56
How to update GAL in O365? 4 33
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video discusses moving either the default database or any database to a new volume.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question