Solved

Change Exchange 2010 certificate

Posted on 2013-01-16
11
318 Views
Last Modified: 2013-01-17
I made an error in one of the names on an SSL certificate.

I've got the certificate issuing authority to issue a new certificate with the amended details but can't find how to replace an existing certificate.
0
Comment
Question by:andrew_2706
  • 5
  • 5
11 Comments
 
LVL 39

Expert Comment

by:als315
ID: 38781757
0
 

Author Comment

by:andrew_2706
ID: 38781781
I've tried the first and created a request and then completed using the new certificate I have which has been imported somewhere but still the old certificate is working and the one that is showing in EMC Exchange Certificates
0
 
LVL 39

Expert Comment

by:als315
ID: 38781791
Have you made "Complete pending request" and assigned it to services?
0
 

Author Comment

by:andrew_2706
ID: 38781848
When I complete the certificate does not show in EMC so unable to assign to services?
0
 
LVL 39

Expert Comment

by:als315
ID: 38782043
What is the result of complete action? Any errors?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:andrew_2706
ID: 38782156
No Errors completing request

Summary: 2 item(s). 2 succeeded, 0 failed.
Elapsed time: 00:00:00


Read file
Completed

Exchange Management Shell command completed:
Read binary stream from the file 'C:\Users\admin\Desktop\mail.linearcontrols.co.uk.crt'.

Elapsed Time: 00:00:00


mail.****.crt
Completed

Exchange Management Shell command completed:
Import-ExchangeCertificate -Server 'PLUTO' -FileData '<Binary Data>'

Elapsed Time: 00:00:00
0
 
LVL 39

Expert Comment

by:als315
ID: 38782418
If you run:
Get-ExchangeCertificate
from Exchange management shell, what is in result?
0
 

Author Comment

by:andrew_2706
ID: 38782472
None of the Thumbprints match the certificate in question, the only place I can see the installed certificate is via mmc certificates..

Thumbprint                                Services   Subject
----------                                --------   -------
38C1A3A971CBCBE932634870F28D6E7B52A332A8  ......     CN=mail.*******.co.uk, OU=Domain Control Validated, O=ma...
F989C0607771F2423294140E977B5E714AFCAD13  IP.WS.     CN=mail.*******s.co.uk, OU=Domain Control Validated, O=ma...
8B9B430F24C2E033B0CB0D4C5D7E0775174D8027  ......     CN=PLUTO.linear.local
0E9CCADAAA4676DA0DA1C5CB729CA93E5CF30D95  ...WS.     CN=Sites
2D5788E3D2D4AF198317E5633C863ACDD6A0322D  ......     CN=linear-PLUTO-CA
0
 
LVL 39

Expert Comment

by:als315
ID: 38783052
May be you installed certificate with certmgr.mmc? I've never tried, but here:
https://www.globalsign.com/support/install/ex_2010.php
you can read, that it was wrong way. Try to remove it with mmc and complete again
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 38784109
You will need to create a new request on the server, and then get the certificate authority to rekey or reissue the certificate. You cannot just install a new/corrected certificate with the response from the SSL provider.

You need a pending request to be in place to match the issued certificate to.

Simon.
0
 

Author Closing Comment

by:andrew_2706
ID: 38786538
Thanks worked a treat, created new request and then just re-keyed the new certificate
0

Featured Post

Too many email signature changes to deal with?

Are you constantly being asked to update your organization's email signatures? Do they take up too much of your time? Wouldn't you love to be able to manage all signatures from one central location, easily design them and deploy them quickly to users. Well, you can!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now